Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure mounting of udf filesystems is disabled - modprobeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.4 Ensure nodev option set on /tmp partitionCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3.3 Ensure authentication required for single user modeCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.1 Ensure core dumps are restricted - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1 Ensure message of the day is configured properly - banner textCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1 Ensure message of the day is configured properly - mrsvCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.4 Ensure remote login warning banner is configured properly - banner textCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure last logged in user display is disabled - system-db:gdmCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.2.3 Ensure the NGINX service account has an invalid shellCIS NGINX Benchmark v2.1.0 L1 WebserverUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.14 Ensure the 'sa' Login Account has been renamedCIS Microsoft SQL Server 2019 v1.4.0 L1 Database EngineMS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.9 Ensure TCP SYN Cookies is enabled - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.10 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra = 0'CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.17 Ensure sshd MaxStartups is configuredCIS Red Hat EL8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.2.18 Ensure sshd MaxStartups is configuredCIS Oracle Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.4.2.2 Ensure pam_faillock module is enabledCIS Oracle Linux 8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.2 Ensure password expiration is 365 days or lessCIS Oracle Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.2 Ensure password expiration is 365 days or lessCIS Oracle Linux 8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.2 Ensure password expiration is 365 days or lessCIS Red Hat EL8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.1.3 Ensure password expiration warning days is 7 or moreCIS Red Hat EL8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.5.2.1 Ensure default group for the root account is GID 0CIS CentOS Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.1.1 Ensure cron daemon is enabled and running - enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Ensure sudo commands use ptyCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.2 Ensure sudo commands use ptyCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.8 Ensure SSH HostbasedAuthentication is disabledCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.9 Ensure SSH PermitEmptyPasswords is disabledCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.9 Ensure SSH PermitEmptyPasswords is disabledCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.15 Ensure SSH warning banner is configuredCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.18 Ensure SSH MaxSessions is set to 10 or lessCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.20 Ensure SSH Idle Timeout Interval is configuredCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.13 Ensure SSH PermitEmptyPasswords is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.18 Ensure only strong Key Exchange algorithms are used - approved algorithmsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.21 Ensure SSH warning banner is configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.22 Ensure SSH MaxStartups is configured - sshd_configCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.22 Ensure SSH PAM is enabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.23 Ensure SSH MaxSessions is limited - sshd_configCIS Red Hat 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.1.3 Ensure password expiration warning days is configuredCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.2 Ensure minimum days between password changes is configured - /etc/login.defsCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.3 Ensure password expiration warning days is 7 or more - login.defsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.3 Ensure default group for the root account is GID 0CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6.1.3 Ensure password expiration warning days is 7 or moreCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.13 Audit SUID executablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.7 Ensure no duplicate UIDs existCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.20 Ensure shadow group is empty - /etc/groupCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.1.2.2 Ensure 'Allow users to enable online speech recognition services' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.4.8 Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.6.21.1 Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.19.5 Ensure 'Configure security policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION