1.0.4 Use non-standard account names - '!= dasusr1' | CIS IBM DB2 OS L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
1.0.4 Use non-standard account names - '!= db2admin' | CIS IBM DB2 OS L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
1.0.4 Use non-standard account names - '!= db2fenc1' | CIS IBM DB2 OS L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1.1.4 Ensure mounting of hfs filesystems is disabled | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.10 Ensure 'Install unknown apps' is set to 'Disabled' | AirWatch - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
1.27 Ensure 'Instant apps' is set to 'Disabled' | AirWatch - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devices | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.1.10 Ensure rsync service is not enabled | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
2.2 Ensure that WMI probing is disabled | CIS Palo Alto Firewall 6 Benchmark L2 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
2.04 tkprof - 'Remove from system' - removed | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | CONFIGURATION MANAGEMENT |
2.4.1 Disable Remote Apple Events | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.4.6 Disable DVD or CD Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.4.8 Disable File Sharing - SMB | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.4.9 Disable Remote Management - 'ARDAgent is not running' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.07 otrace - 'Disable' - no .dat files | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | CONFIGURATION MANAGEMENT |
2.8 Ensure 'YouTube Watch History' is set to 'Disabled' | MobileIron - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
2.23 Disable Mounting of squashfs Filesystems | CIS Debian Linux 7 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
2.24 Disable Mounting of udf Filesystems | CIS Debian Linux 7 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
3.1 Disable login prompts on serial ports (ttyd2) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
3.3 Ensure 'Allow third-party cookies' is set to 'Disabled' | MobileIron - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
3.3.7 Disable unused task scheduler | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | CONFIGURATION MANAGEMENT |
3.3.7 Disable unused task scheduler - 'sched_enable = off' | CIS IBM DB2 OS L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
3.4.2.3 Ensure nftables is not enabled - disabled | CIS Red Hat EL8 Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
3.4.3.7 Ensure nftables service is enabled | CIS Red Hat EL8 Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
3.5 Disable the email server if possible (sendmail_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
3.5 Disable the email server if possible (sendmail_outbound_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
3.5 Disable the email server if possible (sendmail_submit_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
3.7 Only enable other RPC-based services if absolutely necessary (rpc_statd_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
3.9 Only enable NFS client processes if absolutely necessary | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts - InputTCPServerRun | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
4.6 Ensure nfs server is not running | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
4.17 spfile<sid>.ora - 'Remove the following from the spfile: dispatches= (PROTOCOL=TCP) (SERVICE=<sid>XDB)' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | CONFIGURATION MANAGEMENT |
4.29 cman.ora - 'remote_admin = NO' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | CONFIGURATION MANAGEMENT |
5.1.7 Ensure tftp-server is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
6.2.11 Ensure no users have .forward files | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
7.5.2 Disable SCTP | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
8.5 Remove default databases | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | CONFIGURATION MANAGEMENT |
13.19 Check for Presence of User .forward Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | CONFIGURATION MANAGEMENT |
18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
Access Security - Disable insecure or unnecessary access services (telnet, J-Web over HTTP, FTP, etc.) - tftp-server | Juniper Hardening JunOS 12 Devices Checklist | Juniper | CONFIGURATION MANAGEMENT |