1.3.3 Ensure AIDE is configured to verify ACLs | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
1.4.1 Ensure permissions on bootloader config are not overridden - chmod | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
1.4.1 Ensure permissions on bootloader config are not overridden - if line | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.1 Ensure AppArmor is installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - unconfined | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.4 Ensure the SELinux mode is enforcing or permissive - getenforce | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
1.7.1.1 Ensure AppArmor is installed | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | ACCESS CONTROL |
1.7.1.3 Ensure SELinux policy is configured - sestatus | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
1.7.1.4 Ensure the SELinux mode is enforcing or permissive - getenforce | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
1.7.1.5 Ensure the SELinux mode is enforcing - /etc/selinux/config | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL |
1.8.1.4 Ensure permissions on /etc/motd are configured | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
1.8.1.4 Ensure permissions on /etc/motd are configured | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
2.1 Ensure the file permissions mask is correct | CIS PostgreSQL 9.5 OS v1.0.0 | Unix | ACCESS CONTROL |
2.2.48 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
2.2.48 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
2.3 Set umask value for DB2 admin user .profile file | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | ACCESS CONTROL |
2.3.10.11 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | ACCESS CONTROL |
3.3 Ensure Admin Console is either secured or removed | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
3.3 Set daemon umask (/usr/local/etc/rc.d/* umask) | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 8.0 Community Database L1 v1.0.0 | MySQLDB | ACCESS CONTROL |
3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions | CIS MySQL 8.0 Enterprise Database L1 v1.3.0 | MySQLDB | ACCESS CONTROL |
3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS MySQL 8.0 Community Database L1 v1.0.0 | MySQLDB | ACCESS CONTROL |
4.3 Ensure logrotate assigns appropriate permissions | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | ACCESS CONTROL |
4.4 Ensure logrotate assigns appropriate permissions | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | ACCESS CONTROL |
4.4 Ensure logrotate assigns appropriate permissions | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
5.1.4 Ensure permissions on /etc/cron.daily are configured | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
5.1.8 Ensure cron is restricted to authorized users - '/etc/cron.allow' | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
5.1.8 Ensure cron is restricted to authorized users - '/etc/cron.deny' | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
5.2.2 Ensure permissions on SSH private host key files are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | ACCESS CONTROL |
5.2.2 Ensure permissions on SSH private host key files are configured | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
5.2.3 Ensure permissions on SSH public host key files are configured | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | ACCESS CONTROL |
5.2.3 Ensure permissions on SSH public host key files are configured | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
5.4.2 Ensure system accounts are non-login | CIS Red Hat 6 Server L1 v2.1.0 | Unix | ACCESS CONTROL |
5.4.2 Ensure system accounts are non-login | CIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile.local /etc/profile.d/*.sh | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0 | Unix | ACCESS CONTROL |
5.5.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc' | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
5.5.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.d | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple macOS 10.15 v1.3.0 L1 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple macOS 11 v1.1.0 L1 | Unix | ACCESS CONTROL |
6.1.4 Ensure permissions on /etc/group are configured | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
6.2.7 Ensure users' dot files are not group or world writable | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
6.2.8 Ensure no users have .netrc files | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
6.2.8 Ensure users' dot files are not group or world writable | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
6.2.11 Ensure users' .netrc Files are not group or world accessible | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
6.2.17 Ensure shadow group is empty | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.8 Set default umask for users (/etc/login.conf) | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
8.8 Set default umask for users (/usr/share/skel/dot.cshrc) | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
9.25 Find Files and Directories with Extended Attributes | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
10.4 Set Default umask for Users - /etc/bash.bashrc | CIS Debian Linux 7 L1 v1.0.0 | Unix | ACCESS CONTROL |