1.1.3.4.1 Configure 'Devices: Allow undock without having to log on' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
1.2.2 Ensure 'Host Name' is set | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
1.2.3 Ensure 'Failover' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
1.6.3 Ensure 'RSA key pair' is greater than or equal to 2048 bits | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
1.6.4 Ensure 'SCP protocol' is set to Enable for files transfers | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
1.8.3 Ensure 'HTTP session timeout' is less than or equal to '5' minutes | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
1.10.4 Ensure 'syslog hosts' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
1.10.11 Ensure 'logging trap severity level' is greater than or equal to '5' | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
1.11.3 Ensure 'snmp-server host' is set to 'version 3' | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
1.11.4 Ensure 'SNMP traps' is enabled - authentication | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
1.11.4 Ensure 'SNMP traps' is enabled - linkdown | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
2.1.2 Ensure 'OSPF authentication' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
2.1.2 Verify Backups are Good | CIS MySQL 8.0 Enterprise Linux OS L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
2.1.4 Ensure Config-state is saved | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
2.3 Ensure 'DNS Guard' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
2.4 Ensure DHCP services are disabled for untrusted interfaces - dhcpd | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
2.4 Ensure DHCP services are disabled for untrusted interfaces - dhcprelay | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
2.4.2 Ensure 'Snapshot' is set | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
2.4.3 Configuring Scheduled Backups | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
3.1 Ensure DNS services are configured correctly - domain-lookup | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.3 Ensure packet fragments are restricted for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.3 Use Checkpoint Sections and Titles | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
3.4 Ensure non-default application inspection is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.5 Ensure DOS protection is enabled for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.5 Ensure no Allow Rule with Any in Destination filed present in the Firewall Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
3.6 Ensure 'threat-detection statistics' is set to 'tcp-intercept' | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.6 Ensure no Allow Rule with Any in Source filed present in the Firewall Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
3.7 Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.7 Ensure no Allow Rule with Any in Services filed present in the Firewall Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
3.8 Ensure 'security-level' is set to '0' for Internet-facing interface | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.11 Ensure Java applet filtering is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
3.12 Ensure explicit deny in access lists is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
4.8 Ensure Compute Instances Are Launched With Shielded VM Enabled | CIS Google Cloud Platform v3.0.0 L2 | GCP | CONFIGURATION MANAGEMENT |
5.15 Ensure that the 'on-failure' container restart policy is set to '5' | CIS Docker v1.6.0 L1 Docker Linux | Unix | CONFIGURATION MANAGEMENT |
5.28 Ensure that Docker commands always make use of the latest version of their image | CIS Docker v1.6.0 L1 Docker Linux | Unix | CONFIGURATION MANAGEMENT |
5.29 Ensure that the PIDs cgroup limit is used | CIS Docker v1.6.0 L1 Docker Linux | Unix | CONFIGURATION MANAGEMENT |
18.8.21.1 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
18.8.21.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.8.21.3 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
18.8.21.5 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
18.8.21.5 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |