Item Search

NameAudit NamePluginCategory
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.14 Ensure that the admin.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.14 Ensure that the admin.conf file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL

1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

1.2.1 Set 'privilege 1' for local users - 'All users have encrypted passwords'CIS Cisco IOS 15 L1 v4.1.1Cisco

ACCESS CONTROL

2.4.3 Ensure admin accounts with different privileges have their correct profiles assignedCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL

3.1 Ensure that the docker.service file ownership is set to root:rootCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL

3.3 Ensure that docker.socket file ownership is set to root:rootCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL

3.5 Ensure that the /etc/docker directory ownership is set to root:rootCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL

3.13 Ensure that the Docker server certificate key file ownership is set to root:rootCIS Docker v1.6.0 L1 Docker LinuxUnix

ACCESS CONTROL

3.17 Ensure that the daemon.json file ownership is set to root:rootCIS Docker v1.6.0 L2 Docker LinuxUnix

ACCESS CONTROL

4.1.10 Ensure that the kubelet --config configuration file ownership is set to root:rootCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL

4.2.7 Ensure SSH root login is disabledCIS Debian 10 Workstation L1 v2.0.0Unix

ACCESS CONTROL

4.2.20 Ensure sshd PermitRootLogin is disabledCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

4.3.1 Ensure sudo is installedCIS Amazon Linux 2023 Server L1 v1.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Debian 10 Server L1 v2.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.3.2 Ensure sudo commands use ptyCIS Amazon Linux 2023 Server L1 v1.0.0Unix

ACCESS CONTROL

4.3.4 Ensure users must provide password for escalationCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

ACCESS CONTROL

4.3.4 Ensure users must provide password for escalationCIS CentOS Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL

4.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

4.3.6 Ensure sudo authentication timeout is configured correctlyCIS Amazon Linux 2 v3.0.0 L1Unix

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.1.20 Ensure sshd PermitRootLogin is disabledCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2 Ensure Options for the Web Root Directory Are RestrictedCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Debian Linux 11 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.2 Minimize the admission of privileged containersCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL

5.2.4 Ensure users must provide password for privilege escalationCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL

5.2.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS Debian Linux 11 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.6 Ensure sudo authentication timeout is configured correctlyCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3 Ensure Options for Other Directories Are MinimizedCIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL

5.3.1 Ensure sudo is installedCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.3.2 Ensure sudo commands use ptyCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL

5.3.2 Ensure sudo commands use ptyCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

ACCESS CONTROL

5.3.6 Ensure sudo authentication timeout is configured correctlyCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.3.6 Ensure sudo authentication timeout is configured correctlyCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.5 Ensure the "root" Account Is DisabledCIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1Unix

ACCESS CONTROL

5.5 Ensure the "root" Account Is DisabledCIS Apple macOS 12.0 Monterey v3.1.0 L1Unix

ACCESS CONTROL

10.3 Restrict manager applicationCIS Apache Tomcat 10 L2 v1.1.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

10.17 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL