| 3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians' (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.default.log_martians' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - '/etc/localtime' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - 'adjtimex - 64bit' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - 'adjtimex' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - 'adjtimex' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - 'auditctl adjtimex (64-bit)' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - 'auditctl clock_settime' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - 'clock_settime - 64bit' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify user/group information are collected - 'auditctl shadow' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl /etc/sysconfig/networks' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl hosts' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl networks' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname (64-bit)' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor.d/' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/usr/share/selinux/' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /usr/share/selinux/' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure discretionary access control permission modification events are collected - 'chown' (64-bit) | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure discretionary access control permission modification events are collected - 'setxattr' (64-bit) | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'auditctl EPERM' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EPERM' (64-bit) | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.15 Ensure changes to system administration scope (sudoers) is collected - '/etc/sudoers.d' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.15 Ensure changes to system administration scope (sudoers) is collected - 'auditctl sudoers.d' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - '/sbin/insmod' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - '/sbin/modprobe' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl insmod' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl modprobe' | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl modprobe' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - '*.crit /var/log/warn' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - '*.emerg :omusrmsg:*' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'local0,local1.* -/var/log/localmessages' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'local2,local3.* -/var/log/localmessages' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'local4,local5.* -/var/log/localmessages' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'local6,local7.* -/var/log/localmessages' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'mail.info -/var/log/mail.info' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.2 Ensure logging is configured - 'news.notice -/var/log/news/news.notice' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3 Ensure SSH LogLevel is set to INFO | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3 Ensure SSH LogLevel is set to INFO | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| Audit Account Lockout | MSCT Windows 10 v20H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Audit Policy Change | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Audit Policy Change | MSCT Windows 10 v20H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Authentication Policy Change | MSCT Windows 10 v20H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other Logon/Logoff Events | MSCT Windows 10 v20H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit System Integrity | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Log successful connections - Private Profile | MSCT Windows 10 v2004 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Log successful connections - Private Profile | MSCT Windows 10 v20H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Log successful connections - Public Profile | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
