1.2 Enable Auto Update | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
1.4 Enable system data files and security update installs - 'CriticalUpdateInstall' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
1.4.1 Ensure 'Idle timeout' is less than or equal to 10 minutes for device management | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
2.1.3 Show Bluetooth status in menu bar | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
2.4.3 Disable Screen Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.5 Ensure proper SNMP configuration - 'community name private does not exist' | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.6.2 Enable Gatekeeper | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.6.4 Enable Firewall Stealth Mode | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
2.9 Pair the remote control infrared receiver if enabled - 'DeviceEnabled = 0' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
3.1.1 Retain system.log for 90 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
3.1.2 Retain appfirewall.log for 90 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
4.4 Ensure http server is not running | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
4.4 Verify Active Directory group membership for the 'ESX Admins' group | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
4.5 Restrict access to Tomcat temp directory | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.10 Restrict access to Tomcat context.xml | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
4.14 Restrict access to Tomcat web.xml | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
5.2.3 Complex passwords must contain an Alphabetic Character - 'RequiresAlpha' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
5.2.7 Password Age | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.8 Disable automatic login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
5.10 Verify contents of exposed configuration files | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
5.11 Disable ability to login to another user's active and locked session | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
5.12 Create a custom message for the Login Screen | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
6.3 Mask and zone SAN resources appropriately | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
6.5 Ensure 'sslProtocol' is Configured Correctly for Secure Connectors | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web application | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
7.5 Ensure pattern in context.xml is correct | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
8.2.1 Disconnect unauthorized devices - Floppy Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | MEDIA PROTECTION |
8.3.2 Minimize use of the VM console | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
8.4.2 Control VMsafe Agent Address | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.4.3 Control VMsafe Agent Port | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.4.14 Disable Shell Action | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
8.4.18 Disable Unity | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
8.6.3 Disable virtual disk wiping | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
10.3 Restrict manager application | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | ACCESS CONTROL |
10.4 Force SSL when accessing the manager application via HTTP | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
10.5 Rename the manager application - webapps/manager | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
10.6 Enable strict servlet Compliance | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
10.8 Do not allow additional path delimiters - ALLOW_BACKSLASH | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
10.11 Force SSL for all applications | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
10.13 Do not run applications as privileged | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
10.19 Ensure Manager Application Passwords are Encrypted | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |