Item Search

NameAudit NamePluginCategory
1.1 Remove extraneous files and directories - /webapps/docsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only)CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

3.2 Disable the Shutdown portCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

3.5 Retain install.log for 365 or more daysCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable 'Show Wi-Fi status in menu bar'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.5 Ensure ftp server is not runningCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

4.7 Restrict access to Tomcat web application directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1 Configure account lockout thresholdCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.2.5 Complex passwords must contain a Special CharacterCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Complex passwords must contain uppercase and lowercase lettersCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix
5.2.8 Password HistoryCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.7 Do not enable the 'root' accountCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

5.36 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

5.37 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

6.1.2 Disable 'Show password hints'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

6.1.4 Disable 'Allow guests to connect to shared folders' - SMB SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.4 Ensure directory in context.xml is a secure location - configurationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.2 Disabling auto deployment of applicationsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.15 Do not resolve hosts on logging valvesCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')CIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

ACCESS CONTROL

18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.10.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

ACCESS CONTROL

18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

CIS Control 12 (12.4(b)) Deny Communications Over Unauthorized PortsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND COMMUNICATIONS PROTECTION

CIS Control 13 (13.1) Maintain an Inventory of Sensitive InformationCAS Implementation Group 1 Audit FileUnix

CONFIGURATION MANAGEMENT

CIS_Fedora_28_Family_Linux_Server_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0CIS Fedora 19 Family Linux Server L1 v1.0.0Unix
CIS_Microsoft_Exchange_Server_2016_Level_1_Hub_v1.0.0.audit from CIS Microsoft Exchange Server 2016 v1.0.0 BenchmarkCIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

CIS_Microsoft_Office_Access_2013_v1.0.1_Level_1.audit from CIS Microsoft Office Access 2013 Benchmark v1.0.1CIS Microsoft Office Access 2013 v1.0.1Windows
CIS_Microsoft_Office_Access_2016_v1.0.1_Level_1.audit from CIS Microsoft Office Access 2016 Benchmark v1.0.1CIS Microsoft Office Access 2016 v1.0.1Windows
CIS_Microsoft_Office_Outlook_2013_v1.1.0_Level_1.audit from CIS Microsoft Office Outlook 2013 Benchmark v1.1.0CIS Microsoft Office Outlook 2013 v1.1.0 Level 1Windows
CIS_Microsoft_Office_Outlook_2016_v1.0.1_Level_1.audit from CIS Microsoft Office Outlook 2016 Benchmark v1.0.1CIS Microsoft Office Outlook 2016 v1.1.0 Level 1Windows
CIS_Microsoft_Office_PowerPoint_2013_v1.0.1_Level_1.audit from CIS Microsoft Office PowerPoint 2013 Benchmark v1.0.1CIS Microsoft Office PowerPoint 2013 v1.0.1Windows
CIS_Mozilla_Firefox_ESR_GPO_v1.0.0_L1.audit from CIS Mozilla Firefox ESR GPO Benchmark v1.0.0CIS Mozilla Firefox ESR GPO v1.0.0 L1Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Community Edition BenchmarkCIS MySQL 5.6 Community Windows OS L2 v2.0.0Windows
CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_UNIX_L1.audit from CIS Oracle MySQL 5.6 Community Edition BenchmarkCIS MySQL 5.6 Community Linux OS L1 v2.0.0Unix
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Enterprise Edition BenchmarkCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0Windows
CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Enterprise Edition BenchmarkCIS MySQL 5.6 Enterprise Windows OS L2 v2.0.0Windows
JUEX-NM-000520 - The Juniper EX switch must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions.DISA Juniper EX Series Network Device Management v2r2Juniper

MAINTENANCE