Item Search

NameAudit NamePluginCategory
1.1.3.9.12 Configure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

2.1.5 Ensure that the --streaming-connection-idle-timeout argument is not set to 0CIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.6 Ensure that the --streaming-connection-idle-timeout argument is not set to 0CIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.8 Ensure that the --make-iptables-util-chains argument is set to trueCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - Link local addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - Link local addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - Multicast addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 172.16/12; addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 172.16/12; addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.18 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.1.18 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.2.1.12 Ensure 'Allow adding VPN configurations' is set to 'Disabled'MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.2.1.12 Ensure 'Allow adding VPN configurations' is set to 'Disabled'AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.7 Ensure that SharePoint is set to reject or delay network traffic generated above configurable traffic volume thresholds - Max ConnectionsCIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

3.7 Ensure that SharePoint is set to reject or delay network traffic generated above traffic volume thresholds - connectionTimeoutCIS Microsoft SharePoint 2016 OS v1.1.0Windows

ACCESS CONTROL

3.7 Ensure that SharePoint is set to reject or delay network traffic generated above traffic volume thresholds - maxConnectionsCIS Microsoft SharePoint 2016 OS v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

5.2 Securely Authenticate Dynamic Updates - allow-update none or localhostCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2 Securely Authenticate Dynamic Updates - update-policy grant or localCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.29 Ensure Docker's default bridge docker0 is not usedCIS Docker Community Edition v1.1.0 L2 DockerUnix

CONFIGURATION MANAGEMENT

6.1 Hide BIND Version StringCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure that MongoDB uses a non-default portCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

7.2 Enable DNSSEC Validation - dnssec-validationCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Ensure swarm services are binded to a specific host interfaceCIS Docker Community Edition v1.1.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

9.2 Ensure KeepAlive Is EnabledCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

18.4.7 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server v1909 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 2019 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 2019 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server v1909 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2019 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2019 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows Server v2004 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows Server v2004 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows Server v20H2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows Server v1909 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS serversMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION