1.2 Set 'Allow Active X One Off Forms' to 'Enabled:Load only Outlook Controls' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
1.2.1.3 Ensure repo_gpgcheck is globally activated | CIS AlmaLinux OS 9 v2.0.0 L2 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.2.1.3 Ensure repo_gpgcheck is globally activated | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.2.3 Ensure repo_gpgcheck is globally activated | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
1.3.1.8 Ensure SETroubleshoot is not installed | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
1.5.1.8 Ensure SETroubleshoot is not installed | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
1.5.1.8 Ensure SETroubleshoot is not installed | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
1.5.1.8 Ensure SETroubleshoot is not installed | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
1.5.1.8 Ensure SETroubleshoot is not installed | CIS CentOS Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
1.5.1.8 Ensure SETroubleshoot is not installed | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
1.5.1.8 Ensure SETroubleshoot is not installed | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | IDENTIFICATION AND AUTHENTICATION |
2.7 Only enable Kerberos-related daemons if absolutely necessary (kadmind5_server_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
2.7 Only enable Kerberos-related daemons if absolutely necessary (kerberos5_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | CONFIGURATION MANAGEMENT |
3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - init_module | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - init_module | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - insmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - modprobe | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - rmmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.18 Ensure kernel module loading and unloading is collected - rmmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.3 Ensure excessive function privileges are revoked | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
4.3 Ensure excessive function privileges are revoked | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
4.5 Ensure excessive function privileges are revoked | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
4.5 Ensure excessive function privileges are revoked | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
5.6 Enable OCSP and CRL certificate checking - CRL | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.6 Enable OCSP and CRL certificate checking - OCSP | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
AIX7-00-002130 - If csh/tcsh shell is used, AIX must display logout messages. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
BIND-9X-001059 - On the BIND 9.x server the platform on which the name server software is hosted must be configured to send outgoing DNS messages from a random port. | DISA BIND 9.x STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
Change the Size of the Anti-Replay Window | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
DTAVSEL-015 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
DTAVSEL-016 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
GEN000000-LNX00360 - The X server must have the correct options enabled - '-audit = 4' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
GEN000800 - The system must prohibit the reuse of passwords within five iterations. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
GEN000800 - The system must prohibit the reuse of passwords within five iterations. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |