Item Search

NameAudit NamePluginCategory
1.5 Ensure Data Cluster Initialized SuccessfullyCIS PostgreSQL 11 OS v1.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure all AppArmor Profiles are in enforce or complain mode - loadedCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

1.6.2.4 Ensure SETroubleshoot is not installedCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL

1.7.1.2 Ensure AppArmor is enabled in the bootloader configuration - securityCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - unconfinedCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure all AppArmor Profiles are enforcing - complainCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/groupCIS PostgreSQL 10 OS v1.0.0Unix

ACCESS CONTROL

2.2.1.6 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.6 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.6 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.18 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

2.3.1 Ensure 'Managed Safari Web Domains' is `Configured`AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.3.15.2 Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

2.8 Set Other Permissions Read-Only for All BIND Directories and Files - directoriesCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

3.1.6 Ensure the log file permissions are set correctlyCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L2MDM

ACCESS CONTROL

3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2MDM

ACCESS CONTROL

3.2.1.18 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.19 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.20 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.21 Ensure 'Allow Handoff' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.21 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.23 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.25 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.6.2 Ensure 'Allow Mail Drop' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L2MDM

ACCESS CONTROL

3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly RestrictedCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

3.12 Ensure Group Write Access for the Document Root Directories and Files Is Properly RestrictedCIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Deny = from allCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Deny = from allCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Deny directives exist'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Order = Deny,AllowCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Require all deniedCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Deny is configured'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'No Order/Deny/Allow'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.4 Ensure OverRide Is Disabled for All DirectoriesCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.4 Restrict Access to All Key Files - permissionsCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

4.5 Ensure Row Level Security (RLS) is configured correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS CentOS 6 Workstation L2 v3.0.0Unix

ACCESS CONTROL

6.2.10 Ensure users' dot files are not group or world writableCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

6.2.10 Ensure users' dot files are not group or world writableCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

11.2 Ensure Apache Processes Run in the httpd_t Confined ContextCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

ACCESS CONTROL

19.7.26.1 Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows Server v1909 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)MSCT Windows 10 v1507 v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)MSCT Windows Server 2012 R2 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)MSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT