Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.3 Dedicated Name Server RoleCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

2.1.7 Ensure that the --make-iptables-util-chains argument is set to trueCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.8 Ensure that the --make-iptables-util-chains argument is set to trueCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.8 Ensure that the --make-iptables-util-chains argument is set to trueCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.11 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.12 Ensure SQL Server is configured to use non-standard portsCIS SQL Server 2008 R2 DB OS L1 v1.7.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.1 Ignore Erroneous or Unwanted Queries - Link local addressesCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

CONFIGURATION MANAGEMENT

3.1 Ignore Erroneous or Unwanted Queries - Multicast addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 10/8; addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 10/8; addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 192.168/16; addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 192.168/16; addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1.18 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.1.18 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.2.8 Ensure SSH IgnoreRhosts is enabledCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.2.8 Ensure SSH IgnoreRhosts is enabledCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

5.3.9 Ensure SSH IgnoreRhosts is enabledCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

6.1 Hide BIND Version StringCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Hide Nameserver IDCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Hide Nameserver IDCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.4 Ensure the KeepAliveTimeout Is Set ProperlyCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeoutCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.6 Ensure Timeout Limits for the Request Body Are Set Properly - RequestReadTimeoutCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

CONFIGURATION MANAGEMENT

10.2 Ensure the LimitRequestFields Directive is Set to 100 or LessCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.3 Ensure the LimitRequestFieldsize Directive is Set to 1024 or LessCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

10.4 Ensure the LimitRequestBody Directive is Set to 102400 or LessCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - EnableLLTDIOCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - ProhibitLLTDIOOnPrivateNetCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - ProhibitLLTDIOOnPrivateNetCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOndomainCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

Access this computer from the networkMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1903 v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 1903 MS v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows Server 2012 R2 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server v1909 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows Server 2012 R2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 1903 MS v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server v1909 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION