Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Fedora 19 Family Linux Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Fedora 19 Family Linux Server L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Debian Family Workstation L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.4 Use non-default account namesCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix

ACCESS CONTROL

1.4 Use non-default account namesCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows

ACCESS CONTROL

1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers accountCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.6.3 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.1 Secure DB2 Runtime LibraryCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows
2.1 Secure DB2 Runtime LibraryCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix
3.1.5 Secure permissions for default database file pathCIS IBM DB2 v10 v1.1.0 Windows OS Level 2Windows
3.1.5 Secure permissions for default database file path (Scored)CIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix
3.1.14 Set maximum connection limits - 'maxappls <= 99'CIS IBM DB2 OS L2 v1.2.0Unix

ACCESS CONTROL

4.1.6 Ensure events that modify the system's network environment are collected - auditctl '/etc/network'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'issue.net'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'sethostname setdomainname'CIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl 'sethostname setdomainname' x64CIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - sethostname setdomainnameCIS Debian 9 Workstation L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.12 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 32 bitCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.12 Ensure unsuccessful unauthorized file access attempts are collected - EACCES 32 bitCIS Amazon Linux 2 STIG v1.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.4 Defend against Denial of Service AttacksCIS ISC BIND 9.0/9.5 v2.0.0Unix
5.20 Do not share the host's UTS namespaceCIS Docker 1.12.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8.7 Secure the permissions of the IBMLDAPSecurity.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS LinuxUnix
9.6 Secure the permission of the IBMLDAPSecurity.ini fileCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix
9.6 Secure the permission of the IBMLDAPSecurity.ini fileCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows
9.11 Ensure permissions on communication exit library locationsCIS IBM DB2 v10 v1.1.0 Linux OS Level 1Unix
9.11 Ensure permissions on communication exit library locationsCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix
9.11 Ensure permissions on communication exit library locationsCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows
ALMA-09-054690 - AlmaLinux OS 9 must periodically flush audit records to disk to prevent the loss of audit records.DISA CloudLinux AlmaLinux OS 9 STIG v1r1Unix

AUDIT AND ACCOUNTABILITY

APPL-14-001150 The macOS system must disable password authentication for SSH.DISA Apple macOS 14 (Sonoma) STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

APPL-15-001150 - The macOS system must disable password authentication for SSH.DISA Apple macOS 15 (Sequoia) STIG v1r2Unix

IDENTIFICATION AND AUTHENTICATION, MAINTENANCE

DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

ESXI-70-000084 - The ESXi host must enable audit logging.DISA STIG VMware vSphere 7.0 ESXi OS v1r2Unix

CONFIGURATION MANAGEMENT

Excel 2 worksheetsMSCT Office 365 ProPlus 1908 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMSCT Office 2016 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMicrosoft 365 Apps for Enterprise 2306 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Excel 2 worksheetsMSCT M365 Apps for enterprise 2412 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

FFOX-00-000002 - Firefox must be configured to allow only TLS 1.2 or above.DISA STIG Mozilla Firefox MacOS v6r5Unix

ACCESS CONTROL

FFOX-00-000028 - Firefox must not recommend extensions as the user is using the browser.DISA STIG Mozilla Firefox Windows v6r5Windows

CONFIGURATION MANAGEMENT

RHEL-07-020670 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories are group-owned by a group of which the home directory owner is a member.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-030340 - The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) via email when the threshold for the repository maximum audit record storage capacity is reached.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030350 - The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when the threshold for the repository maximum audit record storage capacity is reached.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-09-653095 - RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records.DISA Red Hat Enterprise Linux 9 STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

VCLU-70-000019 - Lookup Service must limit the number of allowed connections.DISA STIG VMware vSphere 7.0 Lookup Service v1r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

VCST-67-000019 - The Security Token Service must limit the number of allowed connections.DISA STIG VMware vSphere 6.7 STS Tomcat v1r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

WINER-000012 - The maximum number of error reports to archive on a system must be configured to 100 or greater.DISA Windows Vista STIG v6r41Windows

SYSTEM AND INFORMATION INTEGRITY

WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the internet.DISA Windows 10 STIG v3r2Windows

CONFIGURATION MANAGEMENT