Item Search

NameAudit NamePluginCategory
1.1.6 Ensure nosuid option set on /var partitionCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.1 Ensure separate partition exists for /homeCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

1.6.1.5 Ensure the SELinux mode is enforcingCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

2.2.1.10 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

2.2.1.13 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

2.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled'AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.1.1 Require Explicit Authorization for Cataloging (CATALOG_NOAUTH)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

3.1.2 Ensure that the proxy kubeconfig file ownership is set to root:rootCIS Google Kubernetes Engine (GKE) v1.6.1 L1 NodeUnix

ACCESS CONTROL, MEDIA PROTECTION

3.1.8 Set Maximum Connection Limits (MAX_CONNECTIONS and MAX_COORDAGENTS)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'AirWatch - CIS Apple iOS 17 Institution Owned L2MDM

ACCESS CONTROL, MEDIA PROTECTION

3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'MobileIron - CIS Apple iOS 17 Institution Owned L1MDM

ACCESS CONTROL, MEDIA PROTECTION

3.5 Ensure Access to Audit Records Is Controlled - /var/auditCIS Apple macOS 10.15 Catalina v3.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.14 Specify a Secure Location for External Tables (EXTBL_LOCATION)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.7 Restrict Access to SYSCAT.CONTEXTATTRIBUTESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.11 Restrict Access to SYSCAT.DBAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.23 Restrict Access to SYSCAT.ROUTINESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.26 Restrict Access to SYSCAT.SECURITYLABELCOMPONENTSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.29 Restrict Access to SYSCAT.SECURITYPOLICYCOMPONENTRULESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.40 Restrict Access to SYSCAT.USEROPTIONSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.41 Restrict Access to SYSCAT.VARIABLEAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.2.45 Restrict Access to SYSCAT.XSROBJECTAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.6 Restrict Access to SYSIBM.SYSCOLUMNSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.8 Restrict Access to SYSIBM.SYSCONTEXTSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.13 Restrict Access to SYSIBM.SYSEVENTTABLESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.14 Restrict Access to SYSIBM.SYSEXTTABCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.15 Restrict Access to SYSIBM.SYSINDEXAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.16 Restrict Access to SYSIBM.SYSMODULEAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.18 Restrict Access to SYSIBM.SYSPLANAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.28 Restrict Access to SYSIBM.SYSSECURITYLABELCOMPONENTELEMENTSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.31 Restrict Access to SYSIBM.SYSSECURITYPOLICIESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.35 Restrict Access to SYSIBM.SYSSEQUENCEAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.43 Restrict Access to SYSIBM.SYSVARIABLESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.46 Restrict Access to SYSIBM.SYSXSROBJECTAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.4.3 Restrict Access to SYSIBMADM.PRIVILEGESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.4.9 Restrict Access to SYSIBMADM.PRIVILEGESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.2 Minimize user access to Container Image repositoriesCIS Google Kubernetes Engine (GKE) v1.6.1 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on SSH public host key files are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.3 Ensure default group for the root account is GID 0CIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.6.3 Ensure Control Plane Authorized Networks is EnabledCIS Google Kubernetes Engine (GKE) v1.6.1 L2GCP

ACCESS CONTROL, MEDIA PROTECTION

6.1.1 Audit system file permissionsCIS Fedora 28 Family Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.4 Ensure Guest Access to Shared Folders Is DisabledCIS Apple macOS 11.0 Big Sur v4.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.5 Ensure permissions on /etc/passwd- are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.7 Ensure permissions on /etc/group- are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.8 Ensure permissions on /etc/gshadow- are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4 Nested RolesCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

6.2.10 Ensure users' dot files are not group or world writableCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.2 Ensure that the 'cross db ownership chaining' database flag for Cloud SQL SQL Server instance is set to 'off'CIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL, MEDIA PROTECTION