Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - lsmodCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmodCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmodCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.2 Ensure /tmp is configured - mountCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.2 Ensure /tmp is configured - mountCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.7 Ensure nodev option set on /var/tmp partitionCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.20 Ensure sticky bit is set on all world-writable directoriesCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.3 Disable all management related services on WAN portCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.4.1 Ensure permissions on bootloader config are configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.3.4 Ensure 'aaa authentication ssh console' is configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.5.1 Ensure core dumps are restricted - limits.conf limits.dCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.1 Ensure core dumps are restricted - sysctlCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1.1 Ensure message of the day is configured properlyCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1.1 Ensure message of the day is configured properlyCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.1.6 Ensure permissions on /etc/issue.net are configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.2 Ensure GDM login banner is configured - banner textCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure GDM disable-user-list option is enabledCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5.3 Ensure HA Reserved Management Interface is configuredCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.2 Set 'key'CIS Cisco IOS XE 17.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.4 Set 'address-family ipv4 autonomous-system'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.6 Set 'authentication key-chain'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.5 Ensure That RSASHA1 Is Not Used for the Zone-Signing Key in Cloud DNS DNSSECCIS Google Cloud Platform v3.0.0 L1GCP

ACCESS CONTROL, CONFIGURATION MANAGEMENT

5.1.1 Ensure cron daemon is enabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.4 Ensure SSH Protocol is set to 2CIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.4 Ensure SSH Protocol is set to 2CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.10 Ensure SSH root login is disabledCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.11 Ensure SSH PermitEmptyPasswords is disabledCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.14 Ensure only strong MAC algorithms are usedCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.19 Ensure SSH warning banner is configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.2 Ensure lockout for failed password attempts is configuredCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.15 Ensure only strong MAC algorithms are used - sshd_configCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5 Ensure root login is restricted to system consoleCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure access to the su command is restricted - /etc/groupCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.12 Ensure no ungrouped files or directories existCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.13 Audit SUID executablesCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.6 Ensure root PATH IntegrityCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.14 Ensure no users have .rhosts filesCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.19 Ensure no duplicate group names existCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows Server 2016 v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2019 STIG v2.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DCWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.6.11.2 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.7.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.7.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'CIS Microsoft Windows Server 2022 v3.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'cryptographic hash is used 'DISA STIG for Oracle Linux 5 v2r1Unix

CONFIGURATION MANAGEMENT