Item Search

NameAudit NamePluginCategory
1.1.1.8 Ensure mounting of FAT filesystems is disabled - lsmodCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

CONFIGURATION MANAGEMENT

1.1.1.8 Ensure mounting of FAT filesystems is disabled - lsmodCIS SUSE Linux Enterprise Server 11 L2 v2.1.1Unix

CONFIGURATION MANAGEMENT

1.1.2 Ensure separate partition exists for /tmpCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.5 Ensure separate partition exists for /varCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.6 Ensure separate partition exists for /var/tmpCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.2.3.10 Configure 'Detect compatibility issues for applications and drivers'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.2.4.2.2.24 Configure 'Configure TPM platform validation profile for native UEFI firmware configurations'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.2.13 Ensure that the admission control plugin NamespaceLifecycle is setCIS Kubernetes v1.10.0 L2 MasterUnix

CONFIGURATION MANAGEMENT

1.5.8 Set 'snmp-server enable traps snmp'CIS Cisco IOS 12 L1 v4.0.0Cisco

CONFIGURATION MANAGEMENT

1.11.3 Ensure 'snmp-server host' is set to 'version 3'CIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - linkdownCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

1.11.4 Ensure 'SNMP traps' is enabled - linkupCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

2.1.1.2 Set version 2 for 'ip ssh version'CIS Cisco IOS XE 17.x v2.1.0 L1Cisco

CONFIGURATION MANAGEMENT

2.1.1.2 Set version 2 for 'ip ssh version'CIS Cisco IOS XE 16.x v2.1.0 L1Cisco

CONFIGURATION MANAGEMENT

2.1.11 Ensure CDN is enabled for improved GUI performanceCIS Fortigate 7.0.x v1.3.0 L2FortiGate

CONFIGURATION MANAGEMENT

2.2 Ensure 'noproxyarp' is enabled for untrusted interfacesCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

CONFIGURATION MANAGEMENT

2.2 Ensure 'noproxyarp' is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

2.3 Ensure 'DNS Guard' is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

2.5 Ensure ICMP is restricted for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.1 Ensure DNS services are configured correctly - domain-lookupCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.2 Ensure intrusion prevention is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.3.12 nfs_use_reserved_ports - nfs_use_reserved_portsCIS IBM AIX 7.1 L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

3.11 Ensure Java applet filtering is enabledCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

3.12 Ensure explicit deny in access lists is configured correctlyCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT

4.2.12 nfs_use_reserved_portsCIS IBM AIX 7.2 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

4.6.3 Apply Security Context to Pods and ContainersCIS Google Kubernetes Engine (GKE) v1.6.1 L2GCP

CONFIGURATION MANAGEMENT

5.2.12 Minimize the admission of HostPath volumesCIS Kubernetes v1.10.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

6.5.4 Ensure TCP SYN/FIN is Set to DropCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.6.9 Ensure local passwords require multiple character setsCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

6.23 Ensure Password is Set for PIC-Console-AuthenticationCIS Juniper OS Benchmark v2.1.0 L1Juniper

CONFIGURATION MANAGEMENT

7.6 Ensure directory in logging.properties is a secure location (check application log directory is secure)CIS Apache Tomcat 7 L1 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

43 - Do not resolve hosts on logging valves - SERVER_XMLTNS Best Practice Jetty 9 LinuxUnix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.20_v1.0.1_Level_2_Master.audit from CIS Kubernetes v1.20 Benchmark v1.0.1CIS Kubernetes v1.20 Benchmark v1.0.1 L2 MasterUnix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.24_v1.0.0_Level_1_Master.audit from CIS Kubernetes v1.24 Benchmark v1.0.0CIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

CONFIGURATION MANAGEMENT

CIS_Kubernetes_v1.24_v1.0.0_Level_2_Worker.audit from CIS Kubernetes v1.24 Benchmark v1.0.0CIS Kubernetes v1.24 Benchmark v1.0.0 L2 WorkerUnix

CONFIGURATION MANAGEMENT

Ensure 'EIGRP authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Failover' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'HTTP session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'ip verify' is set to 'reverse-path' for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'noproxyarp' is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - authenticationTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - coldstartTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkdownTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkupTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server group' is set to 'v3 priv'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'snmp-server host' is set to 'version 3'Tenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DHCP services are disabled for untrusted interfaces - dhcprelayTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure email logging is configured for critical to emergencyTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure packet fragments are restricted for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Limit HTTP methods allowed by the Web Server.TNS IBM HTTP Server Best Practice MiddlewareUnix

CONFIGURATION MANAGEMENT