Item Search

NameAudit NamePluginCategory
1.2 Use the updated Linux KernelCIS Docker 1.11.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

1.2 Use the updated Linux KernelCIS Docker 1.12.0 v1.0.0 L1 LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

2.5 Do not use the aufs storage driverCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

2.5 Do not use the aufs storage driverCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

3.1.14 Set maximum connection limits - MAX_CONNECTIONSCIS IBM DB2 9 Benchmark v3.0.1 Level 2 DBIBM_DB2DB

ACCESS CONTROL

3.1.14 Set maximum connection limits - MAX_CONNECTIONSCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DBIBM_DB2DB

ACCESS CONTROL

3.1.14 Set maximum connection limits - MAX_COORDAGENTSCIS IBM DB2 9 Benchmark v3.0.1 Level 2 DBIBM_DB2DB

ACCESS CONTROL

3.1.14 Set maximum connection limits - MAX_COORDAGENTSCIS IBM DB2 9 Benchmark v3.0.1 Level 1 DBIBM_DB2DB

ACCESS CONTROL

5.2.21 Ensure SSH MaxStartups is configuredCIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.2.21 Ensure SSH MaxStartups is configuredCIS Debian Family Server L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900'CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [success=1 default=bad] pam_unix.so'CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900'CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth [success=1 default=bad] pam_unix.so'CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.3.2 Ensure lockout for failed password attempts is configured - system-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900'CIS Amazon Linux 2 STIG v1.0.0 L1Unix

CONFIGURATION MANAGEMENT

5.3.5 Ensure minimum and maximum requirements are set for password changes - maxclassrepeatCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.3.5 Ensure minimum and maximum requirements are set for password changes - maxrepeatCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.3.5 Ensure minimum and maximum requirements are set for password changes - minlenCIS Amazon Linux 2 STIG v1.0.0 L3Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - lcreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - minlenCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - minlenCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ocreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ocreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ocreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - password-auth try_first_passCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - retryCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - system-auth retry=3CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - system-auth try_first_passCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ucreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1 Ensure password creation requirements are configured - ucreditCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

10.2 Ensure the LimitRequestFields Directive is Set to 100 or LessCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.2 Ensure the LimitRequestFields Directive is Set to 100 or LessCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

CIS_Aliyun_Linux_2_L2_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0CIS Aliyun Linux 2 L2 v1.0.0Unix
RHEL-07-010061 - The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate users using multifactor authentication via a graphical user logon.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010199 - The Red Hat Enterprise Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010210 - The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-020330 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid group owner.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-020710 - The Red Hat Enterprise Linux operating system must be configured so that all local initialization files have mode 0740 or less permissive.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-020730 - The Red Hat Enterprise Linux operating system must be configured so that local initialization files do not execute world-writable programs.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030510 - The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-040180 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040200 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040350 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using rhosts authentication.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040612 - The Red Hat Enterprise Linux operating system must use a reverse-path filter for IPv4 network traffic when possible by default.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040641 - The Red Hat Enterprise Linux operating system must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040660 - The Red Hat Enterprise Linux operating system must not send Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-041002 - The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

WN19-CC-000260 - Windows Server 2019 Windows Update must not obtain updates from other PCs on the Internet.DISA Microsoft Windows Server 2019 STIG v3r3Windows

CONFIGURATION MANAGEMENT