Item Search

NameAudit NamePluginCategory
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.16 Ensure nosuid option set on /dev/shm partitionCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.16 Ensure nosuid option set on /dev/shm partitionCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.18 Ensure nodev option set on removable media partitionsCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.18 Ensure nodev option set on removable media partitionsCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.19 Ensure nosuid option set on removable media partitionsCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.19 Ensure nosuid option set on removable media partitionsCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.2.21 Ensure that the --service-account-lookup argument is set to trueCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2 Ensure extension directory has appropriate ownership and permissionsCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

2.2 Ensure extension directory has appropriate ownership and permissionsCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

2.3.18.4 Ensure 'Never allow users to specify groups when restricting permission for documents' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.3.18.5 Ensure 'Prevent users from changing permissions on rights managed content' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.5.10.8.1.2.1 Ensure 'Access to published calendars' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'AirWatch - CIS Apple iPadOS 17 Institutionally Owned L2MDM

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.24 Ensure 'Allow Handoff' is set to 'Disabled'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.26 Ensure 'Require Touch ID / Face ID authentication before AutoFill' is set to 'Enabled'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'AirWatch - CIS Apple iOS 17 Institution Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.5 Ensure Access to Audit Records Is Controlled - /var/auditCIS Apple macOS 10.14 v2.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'MobileIron - CIS Apple iOS 17 Institution Owned L2MDM

ACCESS CONTROL, MEDIA PROTECTION

3.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'AirWatch - CIS Apple iPadOS 17 Institutionally Owned L2MDM

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.1 Ensure a dynamic group for guest users is createdCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS CentOS Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS SUSE Linux Enterprise 12 v3.1.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 12 v3.1.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2 Ensure system accounts are securedCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2 Ensure system accounts are securedCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/groupCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/groupCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/pam.d/suCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/pam.d/suCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.13 Ensure all groups in /etc/passwd exist in /etc/groupCIS SUSE Linux Enterprise 12 v3.1.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.13 Ensure all groups in /etc/passwd exist in /etc/groupCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.13 Ensure all groups in /etc/passwd exist in /etc/groupCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.13 Ensure all groups in /etc/passwd exist in /etc/groupCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

7.2.3 Ensure external content sharing is restrictedCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

7.2.4 Ensure OneDrive content sharing is restrictedCIS Microsoft 365 Foundations E3 L2 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

7.2.7 Ensure link sharing is restricted in SharePoint and OneDriveCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

9.1.7 Ensure shareable links are restrictedCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

10.2 Allowlist Approved Servers Belonging to a MySQL InnoDB ClusterCIS MySQL 8.0 Enterprise Database L2 v1.3.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

10.2 Allowlist Approved Servers Belonging to a MySQL InnoDB ClusterCIS MySQL 8.0 Community Database L2 v1.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION