Item Search

NameAudit NamePluginCategory
1.1.1.5 Ensure squashfs kernel module is not availableCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.6 Ensure udf kernel module is not availableCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.1.1 Ensure /tmp is tmpfs or a separate partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.2.1 Ensure /dev/shm is tmpfsCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.2.2 Ensure nodev option set on /dev/shm partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.6.4 Ensure noexec option set on /var/log partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.2.2 Ensure gpgcheck is globally activatedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.4.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.5 (L1) Host integrated hardware management controller must be secureCIS VMware ESXi 8.0 v1.3.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, MAINTENANCE

1.5.3 Ensure fs.protected_symlinks is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

1.6.3 Ensure remote login warning banner is configured properlyCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6.4 Ensure access to /etc/motd is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.6.6 Ensure access to /etc/issue.net is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.7.7 Ensure GDM disabling automatic mounting of removable media is not overriddenCIS Debian Linux 12 v1.1.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.7.7 Ensure GDM disabling automatic mounting of removable media is not overriddenCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.7.7 Ensure GDM disabling automatic mounting of removable media is not overriddenCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

2.2.1 Ensure autofs services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.2 Ensure avahi daemon services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.2.3 Ensure dhcp server services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.9 Ensure network file system services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.12 Ensure rpcbind services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.15 Ensure telnet server services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.3.4 Ensure telnet client is not installedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.1.2 Ensure wireless interfaces are not availableCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

3.2.3 Ensure tipc kernel module is not availableCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.2 Ensure net.ipv4.conf.all.forwarding is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.4 Ensure net.ipv4.conf.all.send_redirects is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.6 Ensure net.ipv4.icmp_ignore_bogus_error_responses is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1.10 Ensure net.ipv4.conf.all.secure_redirects is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

4.10.9.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v4.0.0 BLWindows

MEDIA PROTECTION

4.10.9.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Intune for Windows 10 v4.0.0 BLWindows

SYSTEM AND INFORMATION INTEGRITY

5.1.1.3 Ensure access to /etc/cron.hourly is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.16 Ensure only FIPS 140-2 ciphers are used for SSHCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

18.8.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Windows 7 Workstation Bitlocker v3.2.0Windows

MEDIA PROTECTION

18.8.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

18.8.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 BLWindows

MEDIA PROTECTION

18.9.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BLWindows

MEDIA PROTECTION

18.9.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 BLWindows

MEDIA PROTECTION

18.9.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BLWindows

MEDIA PROTECTION

18.9.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 11 Stand-alone v5.0.0 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.10 (L1) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

GEN006460 - Any NIS+ server must be operating at security level 2.DISA AIX 5.3 STIG v1r2Unix

CONFIGURATION MANAGEMENT

GEN006460 - Any NIS+ server must be operating at security level 2.DISA STIG Solaris 10 X86 v2r4Unix

CONFIGURATION MANAGEMENT