Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
Item Search
Audits
Item Search
Filters (1)
Description
Filename
Plugin
References
Control ID
Relevance
Description
Plugin
Filename
References (Active)
Search by References
Clear All
‹‹ Previous
Previous
Page 2 of 16
• 771 Total
Next
Next ››
Name
Audit Name
Plugin
Category
3.1 Ensure a fully-synchronized High Availability peer is configured
CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
Palo_Alto
3.1.1 Ensure IP forwarding is disabled - /etc/sysctl
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.1.2 Ensure packet redirect sending is disabled - /etc/sysctl ipv4 all send
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.1.2 Ensure packet redirect sending is disabled - /etc/sysctl ipv4 default send
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.1.2 Ensure packet redirect sending is disabled - sysctl ipv4 all send
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.1.2 Set 'no ip proxy-arp'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.1.3 Set 'no interface tunnel'
CIS Cisco IOS 16 L1 v1.1.1
Cisco
3.1.4 Set 'ip verify unicast source reachable-via'
CIS Cisco IOS 16 L1 v1.1.1
Cisco
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Link Monitoring Failure Condition
CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
Palo_Alto
3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring - Path Monitoring Failure Condition
CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
Palo_Alto
3.2.1 Ensure source routed packets are not accepted - /etc/sysctl ipv4 default accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.2.1 Ensure source routed packets are not accepted - sysctl ipv4 all acccept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.2.1 Ensure source routed packets are not accepted - sysctl ipv4 default accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Default deny configured'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Default deny configured'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 0.0.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 0.0.0.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 169.254.0.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 172.16.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.0.2.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.168.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.2 Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 default accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.2.2 Ensure ICMP redirects are not accepted - sysctl ipv4 all accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.2.2 Set inbound 'ip access-group' on the External Interface
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.3 Ensure secure ICMP redirects are not accepted - sysctl ipv4 default secure
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Passive Link State
CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
Palo_Alto
3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3.1 Ensure IPv6 router advertisements are not accepted - sysctl ipv6 default accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3.1.1 Set 'key chain'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.1 Set 'key chain'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.1.3 Set 'key-string'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.3 Set 'key-string'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.1.4 Set 'address-family ipv4 autonomous-system'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.4 Set 'address-family ipv4 autonomous-system'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.1.5 Set 'af-interface default'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.6 Set 'authentication key-chain'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.1.7 Set 'authentication mode md5'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.1.7 Set 'authentication mode md5'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.7 Set 'authentication mode md5'
CIS Cisco IOS 16 L1 v1.1.1
Cisco
3.3.1.8 Set 'ip authentication key-chain eigrp'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.2 Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 all accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3.2 Ensure IPv6 redirects are not accepted - sysctl ipv6 default accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3.2.1 Set 'authentication message-digest' for OSPF area
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.2.1 Set 'authentication message-digest' for OSPF area
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.3.2 Set 'key'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.3.3 Set 'key-string'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.3.3 Set 'key-string'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.3.5 Set 'ip rip authentication mode' to 'md5'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
‹‹ Previous
Previous
Page 2 of 16
• 771 Total
Next
Next ››
