Item Search

NameAudit NamePluginCategory
1.6.2 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Red Hat EL8 Workstation L1 v3.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Oracle Linux 8 Server L1 v3.0.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure system wide crypto policy disables sha1 hash and signature supportCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.3 Ensure system wide crypto policy disables sha1 hash and signature supportCIS AlmaLinux OS 9 v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.1.7 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured - sshd_configCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

2.1.3 Ensure 'Mailbox quotas: Prohibit send and receive at' is set to ''CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'Mailbox quotas: Prohibit send at' is set to ''CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.1 Ensure X Window System is not installedCIS Debian 10 Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

2.2.1 Ensure X Window System is not installedCIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1Unix

CONFIGURATION MANAGEMENT

2.2.1 Ensure X Window System is not installedCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

3.5.1.1 Ensure firewalld is installed - iptablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.1 Ensure firewalld is installed - iptablesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.7 Ensure events that modify the system's network environment are collected - /etc/issue.netCIS Distribution Independent Linux Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - /etc/sysconfig/networkCIS Amazon Linux 2 STIG v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - auditctl /etc/issueCIS Amazon Linux 2 STIG v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - auditctl /etc/issue.netCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - auditctl b32 sethostnameCIS Distribution Independent Linux Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - auditctl b64 sethostnameCIS Distribution Independent Linux Server L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - b64 sethostnameCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.7 Enable IPtablesCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Do not disable AppArmor ProfileCIS Docker 1.13.0 v1.0.0 L1 DockerUnix

ACCESS CONTROL

5.2 Ensure that, if applicable, an AppArmor Profile is enabledCIS Docker v1.7.0 L1 Docker - LinuxUnix

SYSTEM AND INFORMATION INTEGRITY

5.16 Do not share the host's IPC namespaceCIS Docker 1.11.0 v1.0.0 L1 DockerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

8.8 Secure the permissions of the SSLconfig.ini fileCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows
DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-006 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown macro viruses.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-009 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-018 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to allow access to files if scanning times out.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-019 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

SYSTEM AND INFORMATION INTEGRITY

DTAVSEL-200 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must scan all media used for system maintenance prior to use.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5Unix

MAINTENANCE

DTAVSEL-201 - The McAfee VirusScan Enterprise must be configured to receive all patches, service packs and updates from a DoD-managed source.McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6Unix

CONFIGURATION MANAGEMENT

FFOX-00-000004 - Firefox must be configured to not automatically check for updated versions of installed search plugins.DISA STIG Mozilla Firefox MacOS v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000004 - Firefox must be configured to not automatically check for updated versions of installed search plugins.DISA STIG Mozilla Firefox Linux v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000010 - Firefox must be configured to prevent JavaScript from moving or resizing windows.DISA STIG Mozilla Firefox MacOS v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000011 - Firefox must be configured to prevent JavaScript from raising or lowering windows.DISA STIG Mozilla Firefox Linux v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000011 - Firefox must be configured to prevent JavaScript from raising or lowering windows.DISA STIG Mozilla Firefox MacOS v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000026 - Firefox extension recommendations must be disabled.DISA STIG Mozilla Firefox Linux v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000026 - Firefox extension recommendations must be disabled.DISA STIG Mozilla Firefox MacOS v6r5Unix

CONFIGURATION MANAGEMENT

FFOX-00-000037 - Firefox encrypted media extensions must be disabledDISA STIG Mozilla Firefox Windows v6r5Windows

CONFIGURATION MANAGEMENT

OL6-00-000011 - System security patches and updates must be installed and up-to-date.DISA STIG Oracle Linux 6 v2r7Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-07-040100 - The Red Hat Enterprise Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Specifies whether the display-capture permissions-policy is checked or skippedMSCT edge v96 v1.0.0Windows

CONFIGURATION MANAGEMENT

Specifies whether the display-capture permissions-policy is checked or skippedMSCT Edge v107 v1.0.0Windows

CONFIGURATION MANAGEMENT

VCPG-70-000001 - VMware Postgres must limit the number of connections.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

ACCESS CONTROL