Item Search

NameAudit NamePluginCategory
1.1.1 Ensure that the API server pod specification file permissions are set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.15 Ensure that the scheduler.conf file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.16 Ensure nosuid option set on /dev/shm partitionCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.18 Ensure nodev option set on removable media partitionsCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.18 Ensure nodev option set on removable media partitionsCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.19 Ensure nosuid option set on removable media partitionsCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.19 Ensure nosuid option set on removable media partitionsCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600CIS Kubernetes v1.20 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.23 Ensure that the --service-account-lookup argument is set to trueCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2 Ensure extension directory has appropriate ownership and permissionsCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

2.2 Ensure extension directory has appropriate ownership and permissionsCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

2.3.4.1 Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators'CIS Microsoft Windows Server 2016 DC L1 v1.2.0Windows

MEDIA PROTECTION

2.3.4.1 Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators'CIS Microsoft Windows Server 2016 MS L1 v1.2.0Windows

MEDIA PROTECTION

2.3.18.4 Ensure 'Never allow users to specify groups when restricting permission for documents' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.3.18.5 Ensure 'Prevent users from changing permissions on rights managed content' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

2.5.10.8.1.2.1 Ensure 'Access to published calendars' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.1.1 Ensure that the kubelet service file permissions are set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.5 Ensure that the --kubeconfig kubelet.conf file permissions are set to 600 or more restrictiveCIS Kubernetes v1.23 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.9 Ensure that the kubelet --config configuration file has permissions set to 600 or more restrictiveCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.1 Ensure that the --anonymous-auth argument is set to falseCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.2 Ensure that the --authorization-mode argument is not set to AlwaysAllowCIS Kubernetes v1.20 Benchmark v1.0.1 L1 WorkerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.4 Restrict access to Tomcat logs directoryCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.8 Restrict access to Tomcat catalina.propertiesCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.8 Restrict access to Tomcat catalina.propertiesCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.11 Restrict access to Tomcat logging.propertiesCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.12 Restrict access to Tomcat server.xmlCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 10 L1 v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.1 Ensure a dynamic group for guest users is createdCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS CentOS Linux 8 Server L1 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.1.9 Ensure at is restricted to authorized usersCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2 Ensure system accounts are securedCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2 Ensure system accounts are securedCIS SUSE Linux Enterprise 12 v3.1.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2 Ensure system accounts are securedCIS SUSE Linux Enterprise 12 v3.1.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2 Ensure system accounts are securedCIS SUSE Linux Enterprise 15 Server L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/groupCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/groupCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.6 Ensure access to the su command is restricted - /etc/pam.d/suCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2.13 Ensure all groups in /etc/passwd exist in /etc/groupCIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1Unix

ACCESS CONTROL, MEDIA PROTECTION

7.2.3 Ensure external content sharing is restrictedCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

7.2.4 Ensure OneDrive content sharing is restrictedCIS Microsoft 365 Foundations E3 L2 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

7.2.7 Ensure link sharing is restricted in SharePoint and OneDriveCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

8.1 Restrict runtime access to sensitive packagesCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

9.1.7 Ensure shareable links are restrictedCIS Microsoft 365 Foundations E3 L1 v3.1.0microsoft_azure

ACCESS CONTROL, MEDIA PROTECTION

10.2 Allowlist Approved Servers Belonging to a MySQL InnoDB ClusterCIS MySQL 8.0 Community Database L2 v1.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION