Item Search

Name	Audit Name	Plugin	Category
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/docs	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/examples	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
1.1.4.1.1 Ensure 'Add-on Management' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
1.1.4.1.5 Ensure 'Information Bar' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
1.1.5.2 Ensure 'Hide option to enable or disable updates' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
2.1.1.4.1.1 Ensure 'Underline hyperlinks' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.1.4.2 Ensure 'Do not prompt to convert older databases' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.6.1 Ensure 'Default file format' is set to 'Enabled: Excel Workbook (*.xlsx)'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.6.3 Ensure 'Do not show AutoRepublish warning alert' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.7.2.1.1 Ensure 'Always prevent untrusted Microsoft Query files from opening' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.4.7.2.2.2 Ensure 'Dif and Sylk files' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.8 Ensure 'Excel 4 workbooks' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.11 Ensure 'Excel 95-97 workbooks and templates' is set to 'Enabled: Open/Save Blocked, Use Open Policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.3.5 Ensure 'Set document behavior if file validation fails' is set to 'Unchecked: Do not allow edit'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.7.2.4.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.7.2.7 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.5 Ensure 'Turn off file validation' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.6 Ensure 'WEBSERVICE Function Notification Settings' is set to 'Enabled: Disable all without notification'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.22.3 Ensure 'Control Blogging' is set to 'Enabled: All Blogging Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.23.2 Ensure 'Block opening of pre-release versions of file formats new to PowerPoint 2016 through the Compatibility Pack for Office 2016 and PowerPoint 2016 Converter' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.3.25.1.5 Ensure 'Send personal information' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.27.16 Ensure 'Macro Runtime Scan Scope' is set to 'Enabled: Enable for all documents'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.3.27.17 Ensure 'Protect document metadata for password protected files' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.27.19 Ensure 'Suppress hyperlink warnings' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.3.31.1 Ensure 'Legacy format signatures' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.3.37.3.1 Ensure 'Open Office documents as read/write while browsing' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
2.7 Ensure Sever Header is Modified To Prevent Information Disclosure	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.7.2 iCloud keychain	CIS Apple macOS 10.12 L2 v1.2.0	Unix	ACCESS CONTROL
2.7.4 iCloud Drive Document sync	CIS Apple macOS 10.12 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.11.8.1.2 Ensure 'Update automatic links at Open' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.11.8.7.2.1.3 Ensure 'Word 2000 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.1.5 Ensure 'Word 2007 and later binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.11 Ensure 'VBA Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
3.2 Configure Security Auditing Flags - 'audit successful/failed login/logout events'	CIS Apple macOS 10.12 L2 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
4.7 Restrict access to Tomcat web application directory	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.3 Complex passwords must contain an Alphabetic Character	CIS Apple macOS 10.12 L2 v1.2.0	Unix
5.2.5 Complex passwords must contain a Special Character	CIS Apple macOS 10.12 L2 v1.2.0	Unix
5.2.6 Complex passwords must uppercase and lowercase letters	CIS Apple macOS 10.12 L2 v1.2.0	Unix
5.7 Enable OCSP and CRL certificate checking - CRLStyle	CIS Apple macOS 10.12 L2 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
7.3 Computer Name Considerations	CIS Apple macOS 10.12 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
7.4 Ensure directory in context.xml is a secure location - permissions	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.5 Ensure pattern in context.xml is correct	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
10.6 Enable strict servlet Compliance	CIS Apache Tomcat 9 L2 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASH	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL
MacOS 10.12 Sierra is installed	CIS Apple macOS 10.12 L2 v1.2.0	Unix
Tomcat found	CIS Apache Tomcat 9 L2 v1.2.0	Unix

Detections

Analytics

Item Search