Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure that the --anonymous-auth argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.1.3 Ensure that the --insecure-allow-any-token argument is not set	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.1.4 Ensure that the --insecure-bind-address argument is not set	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.1.4.1.9 Ensure 'Object Caching Protection' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
1.1.10 Ensure that the admission control policy is set to AlwaysPullImages	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	ACCESS CONTROL
1.1.30 Ensure that the --etcd-cafile argument is set as appropriate	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.1.34 Ensure that the encryption provider is set to aescbc	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix
1.1.37 Ensure that the --request-timeout argument is set as appropriate	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
1.3.2 Ensure 'Restrict legacy JScript execution for Office' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
1.4.2 Configure Password Encryption	CIS Cisco NX-OS v1.2.0 L2	Cisco	IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION
1.4.3 Ensure that the controller manager pod specification file permissions are set to 644 or more restrictive	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.4.3 Set password lifetime, warning time and grace time for local credentials	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION
1.4.4 Set password length for local credentials	CIS Cisco NX-OS v1.2.0 L1	Cisco	IDENTIFICATION AND AUTHENTICATION
1.4.8 Ensure that the etcd pod specification file ownership is set to root:root	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
1.5.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate - peer-key-file	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
1.5.9 Ensure that a unique Certificate Authority is used for etcd	CIS Kubernetes 1.8 Benchmark v1.2.0 L2	Unix
1.6.9 Place compensating controls in the form of PSP and RBAC for privileged containers usage - clusterrolebinding	CIS Kubernetes 1.8 Benchmark v1.2.0 L2	Unix	CONFIGURATION MANAGEMENT
1.6.9 Place compensating controls in the form of PSP and RBAC for privileged containers usage - rolebinding	CIS Kubernetes 1.8 Benchmark v1.2.0 L2	Unix	CONFIGURATION MANAGEMENT
2.1.1 Ensure that the --allow-privileged argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	ACCESS CONTROL
2.1.2 Ensure that the --anonymous-auth argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
2.1.4.1 Ensure 'Default file format' is set to 'Enabled: Access 2007'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.1.6 Ensure that the --streaming-connection-idle-timeout argument is not set to 0	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.1.7 Ensure that the --protect-kernel-defaults argument is set to true	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.9 Ensure that the --keep-terminated-pod-volumes argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.11 Ensure that the --event-qps argument is set to 0	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.13 Ensure that the --cadvisor-port argument is set to 0	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.1.14 Ensure that the RotateKubeletClientCertificate argument is not set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
2.2.1 Ensure that the kubelet.conf file permissions are set to 644 or more restrictive	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.2.4 Ensure that the kubelet service file ownership is set to root:root	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.2.4.6.1 Ensure 'Default file format' is set to 'Enabled: Excel Workbook (*.xlsx)'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.6.3 Ensure 'Do not show AutoRepublish warning alert' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.4.7.2.2.5 Ensure 'Excel 3 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.7 Ensure 'Excel 4 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.11 Ensure 'Excel 95-97 workbooks and templates' is set to 'Enabled: Open/Save Blocked, Use Open Policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.3.6 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.4.7.2.7 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.11 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.5 Ensure 'Turn off file validation' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.8 Ensure that the client certificate authorities file ownership is set to root:root	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
2.11.8.7.2.1.5 Ensure 'Word 2007 and later binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.1.6 Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.2.1 Ensure 'Do not open files from the internet zone in Protected View' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.3 Ensure that the --insecure-allow-any-token argument is not set	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	IDENTIFICATION AND AUTHENTICATION
3.1.3.3 Log OSPF Adjacency Changes	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
3.1.4 Ensure that the --insecure-bind-address argument is not set	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
3.1.7 Ensure that the --profiling argument is set to false	CIS Kubernetes 1.8 Benchmark v1.2.0 L1	Unix	CONFIGURATION MANAGEMENT
3.2.2 Disable ICMP Redirects on all Layer 3 Interfaces	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2 Configure FCoE Zoning	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2 Configure a Remote Backup Schedule	CIS Cisco NX-OS v1.2.0 L1	Cisco	CONTINGENCY PLANNING

Detections

Analytics

Item Search