Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmodCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobeCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.2 Ensure /tmp is configured - systemctlCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.20 Ensure sticky bit is set on all world-writable directoriesCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctlyCIS Cisco ASA 9.x Firewall L2 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.4.3.1 Ensure 'aaa authentication enable console' is configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.7.1.5 Ensure permissions on /etc/issue are configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.2 Ensure GDM login banner is configured - banner message enabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.8.3 Ensure GDM disable-user-list option is enabledCIS Debian 10 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.1.1 Configure Control Plane PolicingCIS Cisco NX-OS L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1 Ensure That the Default Network Does Not Exist in a ProjectCIS Google Cloud Platform v3.0.0 L2GCP

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.1.2 Configure EIGRP Passive interfaces for interfaces that do not have peersCIS Cisco NX-OS L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.4.4 Configure HSRP protectionsCIS Cisco NX-OS L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2 Ensure access to Configuration utility by clients using TLS version 1.2 or laterCIS F5 Networks v1.0.0 L1F5

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.3 Set 'key-string'CIS Cisco IOS XE 17.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.3 Set 'key-string'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.6 Set 'authentication key-chain'CIS Cisco IOS XE 17.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.1.8 Set 'ip authentication key-chain eigrp'CIS Cisco IOS XE 16.x v2.1.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.5 Ensure permissions on /etc/hosts.deny are configuredCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1 Basic Fiber Channel ConfigurationCIS Cisco NX-OS L2 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Intune for Windows 10 v3.0.1 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Intune for Windows 11 v3.0.1 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Intune for Windows 10 v3.0.1 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.7.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'CIS Microsoft Intune for Windows 11 v3.0.1 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.1.3.1 autoconf6CIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

4.1.3.2 ndpd-hostCIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

4.1.3.3 ndpd-routerCIS IBM AIX 7.2 L2 v1.1.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.3 Ensure password reuse is limitedCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.3 Ensure default group for the root account is GID 0CIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.6 Ensure access to the su command is restricted - /etc/groupCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.11 Ensure no unowned files or directories existCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.12 Ensure no ungrouped files or directories existCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.5 Ensure root is the only UID 0 accountCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.6 Ensure root PATH IntegrityCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.11 Ensure no users have .forward filesCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.12 Ensure no users have .netrc filesCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.14 Ensure no users have .rhosts filesCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.16 Ensure no duplicate UIDs existCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.20 Ensure shadow group is emptyCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.20 Ensure shadow group is emptyCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

9.4 Ensure KeepAliveTimeout is Set to a Value of 15 or LessCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeoutCIS Apache HTTP Server 2.4 L1 v2.1.0 MiddlewareUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - RequestReadTimeoutCIS Apache HTTP Server 2.4 L1 v2.1.0Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.5 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Enterprise v3.0.0 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT