Item Search

NameAudit NamePluginCategory
1.1.3 Ensure that the controller manager pod specification file permissions are set to 600 or more restrictiveCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7 Ensure that the etcd pod specification file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.11 Ensure that the etcd data directory permissions are set to 700 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.17 Ensure that the controller-manager.conf file permissions are set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:rootCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600CIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.1 Ensure that the --anonymous-auth argument is set to falseCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.1 Ensure that the --anonymous-auth argument is set to falseCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.1 Ensure that the --anonymous-auth argument is set to falseCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.6 Ensure that the --authorization-mode argument is not set to AlwaysAllowCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.7 Ensure that the --authorization-mode argument includes NodeCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.10 Ensure that the admission control plugin AlwaysAdmit is not setCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.10 Ensure that the admission control plugin AlwaysAdmit is not setCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.10 Ensure that the admission control plugin AlwaysAdmit is not setCIS Kubernetes v1.24 Benchmark v1.0.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.11 Ensure that the admission control plugin AlwaysPullImages is setCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

2.5 Ensure that the --peer-client-cert-auth argument is set to trueCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

2.5 Ensure that the --peer-client-cert-auth argument is set to trueCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

3.1.1 Require Explicit Authorization for Cataloging (CATALOG_NOAUTH)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

3.1.8 Set Maximum Connection Limits (MAX_CONNECTIONS and MAX_COORDAGENTS)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

3.1.13 Secure the Communication Buffer Exit Library (COMM_EXIT_LIST)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

3.2.3 Disable Grants During Restore (DB2_RESTORE_GRANT_ADMIN_AUTHORITIES)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

3.3.1 Secure Db2 Runtime LibraryCIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.1.1 Ensure that the kubelet service file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.3 If proxy kubeconfig file exists ensure permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.5 Secure Permissions for the Primary Archive Log Location (LOGARCHMETH1)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.5 Secure Permissions for the Primary Archive Log Location (LOGARCHMETH1)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.1.6 Secure Permissions for the Secondary Archive Log Location (LOGARCHMETH2)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.1.8 Secure Permissions for the Log Mirror Location (MIRRORLOGPATH)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.9 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.1.9 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH)CIS IBM DB2 11 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.1.14 Specify a Secure Location for External Tables (EXTBL_LOCATION)CIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

4.2.2 Ensure that the --authorization-mode argument is not set to AlwaysAllowCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.2 Ensure that the --authorization-mode argument is not set to AlwaysAllowCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.3.6 Restrict Access to SYSIBM.SYSCOLUMNSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.8 Restrict Access to SYSIBM.SYSCONTEXTSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.14 Restrict Access to SYSIBM.SYSEXTTABCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.15 Restrict Access to SYSIBM.SYSINDEXAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.16 Restrict Access to SYSIBM.SYSMODULEAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.18 Restrict Access to SYSIBM.SYSPLANAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.28 Restrict Access to SYSIBM.SYSSECURITYLABELCOMPONENTELEMENTSCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.31 Restrict Access to SYSIBM.SYSSECURITYPOLICIESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.35 Restrict Access to SYSIBM.SYSSEQUENCEAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.43 Restrict Access to SYSIBM.SYSVARIABLESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.3.46 Restrict Access to SYSIBM.SYSXSROBJECTAUTHCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.4.3 Restrict Access to SYSIBMADM.PRIVILEGESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

4.4.9 Restrict Access to SYSIBMADM.PRIVILEGESCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION

6.1.1 Secure SYSADM AuthorityCIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.4 Secure SYSMON AuthorityCIS IBM DB2 11 v1.1.0 Linux OS Level 1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4 Nested RolesCIS IBM DB2 11 v1.1.0 Database Level 1IBM_DB2DB

ACCESS CONTROL, MEDIA PROTECTION