1.3.5 Ensure AIDE is configured to use FIPS 140-2 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
1.4.1 Enable SELinux in /etc/grub.conf - selinux != 0 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
1.6.1.2 Ensure the SELinux state is enforcing - /etc/selinux/config | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - loaded | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured - /etc/selinux/config | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL |
1.6.1.4 Ensure all AppArmor Profiles are enforcing - loaded | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.4 Ensure all AppArmor Profiles are enforcing - unconfined | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.5 Ensure the SELinux mode is enforcing - getenforce | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL |
1.6.1.7 Ensure SETroubleshoot is not installed | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
1.7.1.5 Ensure no unconfined services exist | CIS Oracle Linux 8 Server L2 v1.0.0 | Unix | ACCESS CONTROL |
2.0.3 Set umask value for DB2 admin user .profile file | CIS IBM DB2 OS L1 v1.2.0 | Unix | ACCESS CONTROL |
2.2.45 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
2.2.45 Ensure 'Take ownership of files or other objects' is set to 'Administrators' - Administrators | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
2.2.59 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC | Windows | ACCESS CONTROL |
2.3.10.12 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL |
2.3.10.14 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS | Windows | ACCESS CONTROL |
3.1 Ensure JMX Console is either secured or removed - 'java:/jaas/jmx-console = true' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
3.2 Set Daemon umask | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
3.3 Ensure the Apache User Account Is Locked | CIS Apache HTTP Server 2.2 L1 v3.5.0 | Unix | ACCESS CONTROL |
3.4 The JMXInvokerServlet servlet must be secured against web attacks - 'http-method,GET = false' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Deny = from all | CIS Apache HTTP Server 2.2 L1 v3.5.0 | Unix | ACCESS CONTROL |
4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Order = Deny,Allow | CIS Apache HTTP Server 2.2 L1 v3.5.0 | Unix | ACCESS CONTROL |
4.1 Ensure sudo is configured correctly | CIS PostgreSQL 9.5 OS v1.0.0 | Unix | ACCESS CONTROL |
5.1 Use secure Realms | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | ACCESS CONTROL |
5.3.2 Ensure permissions on SSH private host key files are configured | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
5.3.2 Ensure permissions on SSH private host key files are configured | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
5.3.2 Ensure permissions on SSH private host key files are configured | CIS CentOS 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
5.3.2 Ensure permissions on SSH private host key files are configured | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
5.3.3 Ensure permissions on SSH public host key files are configured | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bashrc | Huawei EulerOS 2 Workstation L1 v1.0 | Unix | ACCESS CONTROL |
5.5.5 Ensure default user umask is 027 or more restrictive - bashrc | CIS Red Hat EL8 Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
5.7 Ensure HTTP Request Methods Are Restricted - 'httpd.conf Document Root Order = Deny,Allow' | CIS Apache HTTP Server 2.2 L1 v3.5.0 | Unix | ACCESS CONTROL |
6.1.1 Audit system file permissions | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL |
6.2.5 Ensure users own their home directories | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
6.2.5 Ensure users own their home directories | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
6.2.6 Ensure users' home directories permissions are 750 or more restrictive | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
6.2.8 Ensure no users have .netrc files | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
6.2.9 Ensure users own their home directories | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | ACCESS CONTROL |
6.2.25 Ensure users' 'dot' files have '0740' or less set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
7.2 Ensure appropriate database file permissions are set | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | ACCESS CONTROL |
7.2 Ensure appropriate database file permissions are set | CIS MongoDB 6 L1 OS Windows v1.1.0 | Windows | ACCESS CONTROL |
7.3 Set Default umask for users | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
7.3 Set Default umask for users - UMASK = 027 | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
7.6 Ensure directory in logging.properties is a secure location - check application log directory is secure | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
7.7 Set Default umask for FTP Users - Check if 'defumask' is set to 077. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
8.11 Set default umask for users, Check if 'UMASK' is set to 077. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.12 Set default umask for FTP users (Solaris 9) | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
19.7.26.1 (L1) Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL |
CIS Control 14 (14.6) Protect Information Through Access Control Lists | CAS Implementation Group 1 Audit File | Unix | ACCESS CONTROL |