Item Search

Name	Audit Name	Plugin	Category
Ensure /etc/hosts.deny is configured	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure AIDE is installed - dpkg	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure all users' home directories exist	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure at/cron is restricted to authorized users - cron.allow	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	ACCESS CONTROL
Ensure broadcast ICMP requests are ignored - sysctl	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure DCCP is disabled	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure GDM login banner is configured - banner-message-enable	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	ACCESS CONTROL
Ensure HTTP Proxy Server is not enabled	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 default accept	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure IMAP and POP3 server is not enabled	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure IP forwarding is disabled - /etc/sysctl	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure IPv6 router advertisements are not accepted - sysctl ipv6 default accept	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure LDAP client is not installed - dpkg	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure LDAP client is not installed - rpm	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure ntp is configured - restrict -6	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure package manager repositories are configured - zypper	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND INFORMATION INTEGRITY
Ensure packet redirect sending is disabled - /etc/sysctl ipv4 default send	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure packet redirect sending is disabled - sysctl ipv4 default send	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure password expiration warning days is 7 or more	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	IDENTIFICATION AND AUTHENTICATION
Ensure password reuse is limited - pam_pwhistory.so	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	IDENTIFICATION AND AUTHENTICATION
Ensure password reuse is limited - pam_unix.so	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	IDENTIFICATION AND AUTHENTICATION
Ensure permissions on /etc/cron.daily are configured	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure permissions on /etc/hosts.allow are configured	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure permissions on /etc/hosts.deny are configured	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure permissions on /etc/shadow are configured	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	IDENTIFICATION AND AUTHENTICATION
Ensure prelink is disabled - rpm	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure remote rsyslog messages are only accepted on designated log hosts - ModLoad	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure rsh client is not installed - dpkg	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure SCTP is disabled	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure secure ICMP redirects are not accepted - /etc/sysctl ipv4 default secure	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure separate partition exists for /var/log	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
Ensure separate partition exists for /var/log/audit	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
Ensure session initiation information is collected - auditctl wtmp	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure SSH LogLevel is set to INFO	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure SSH PermitUserEnvironment is disabled	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure SSH Protocol is set to 2	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure SSH warning banner is configured	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	ACCESS CONTROL
Ensure successful file system mounts are collected - auditctl b32	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure successful file system mounts are collected - b64	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure suspicious packets are logged - sysctl ipv4 default log_martians	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure syslog-ng is configured to send logs to a remote log host - log src	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure system is disabled when audit logs are full - 'action_mail_acct = root'	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure talk client is not installed - rpm	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure TCP SYN Cookies is enabled - sysctl	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure TCP Wrappers is installed - rpm	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Ensure the audit configuration is immutable	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT
Ensure time synchronization is in use	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EACCES	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	AUDIT AND ACCOUNTABILITY
Ensure users' home directories permissions are 750 or more restrictive	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search