2.1.1 Backup Policy in Place | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONTINGENCY PLANNING |
2.2.1 Enable 'Set time and date automatically' | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
2.3.2 Secure screen saver corners - bottom right corner | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
2.3.2 Secure screen saver corners - top right corner | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
2.3.3.7 Ensure Remote Apple Events Is Disabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.3.3.7 Ensure Remote Apple Events Is Disabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.4 Configure TCP Wrappers - Allow localhost. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - Deny access to this server from all networks | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
2.4.1 Disable Remote Apple Events | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.4.1 Ensure Remote Apple Events Is Disabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.4.1 Ensure Remote Apple Events Is Disabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.4.1 Ensure Remote Apple Events Is Disabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.5.1 Disable 'Wake for network access' | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
2.5.2 Disable sleeping the computer when connected to power | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
2.6.7 Monitor Location Services Access | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
2.7.2 iCloud keychain | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
2.7.3 iCloud Drive | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
2.8.1 Time Machine Auto-Backup | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | CONTINGENCY PLANNING |
3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
4.3 Create network specific locations | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
4.3 Enable Auditing of File Metadata Modification Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
4.9 Enable Kernel Level Auditing - Check audit policies is set to arge,argv,cnt | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.9 Enable Kernel Level Auditing, Check if 'flags:lo,ad,cc' is set in /etc/security/audit_control. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.9 Enable Kernel Level Auditing, Check if 'minfree:20' is set in /etc/security/audit_control. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.9 Enable Kernel Level Auditing, Check if 'naflags:lo,ad,ex' is set in /etc/security/audit_control. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.9 Enable Kernel Level Auditing, Check if 'root:lo,ad:no' is set in /etc/security/audit_user. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
4.9 Ensure the latest iOS device architecture is used by high-value targets | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2 | MDM | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
5.17 Create specialized keychains for different purposes | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
5.18 Install an approved tokend for smartcard authentication | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
6.1.1 Configure SSH - Check if Host * is set in /etc/ssh/ssh_config. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
6.9 Harden host operating system | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/words | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - Check MINUPPER is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - MINALPHA is set to 2 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.3 Set Strong Password Creation Policies - MINNONALPHA is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
7.6 Set Default umask for Users, Check if 'UMASK' is set to 077. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
7.9 Lock Inactive User Accounts - Check if definact is set to 35. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is not set to default string. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
18.10.43.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.10.43.6 (L1) Ensure 'Turn on Microsoft Defender Application Guard in Managed Mode' is set to 'Enabled: 1' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
23.1 (L1) Ensure 'Enable Virtualization Based Security' is set to 'Enable virtualization based security' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
NIST_macOS_Monterey_800-53r4_high_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | |
NIST_macOS_Monterey_800-53r4_low_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | |
NIST_macOS_Monterey_800-53r4_moderate_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | |
NIST_macOS_Monterey_800-171_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-171 | Unix | |