Item Search

NameAudit NamePluginCategory
1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing=0CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux=0CIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux=0CIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

1.6.1.6 Ensure no unconfined daemons existCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.6.1.6 Ensure no unconfined daemons existCIS CentOS 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.6.2.2 Ensure the SELinux state is enforcingCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.2.3 Ensure SELinux policy is configuredCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.6.3.2 Ensure all AppArmor Profiles are enforcing - 0 profiles are in complain modeCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.3.2 Ensure all AppArmor Profiles are enforcing - profiles are loadedCIS Distribution Independent Linux Server L2 v2.0.0Unix

ACCESS CONTROL

2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.8 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.9 Ensure 'Allow Handoff' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L2MDM

ACCESS CONTROL

2.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2MDM

ACCESS CONTROL

3.2.1.19 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.22 Ensure 'Allow Handoff' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.23 Ensure 'Require Touch ID / Face ID authentication before AutoFill' is set to 'Enabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.24 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.25 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.3.1 Ensure 'Managed Safari Web Domains' is `Configured`MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

3.6.2 Ensure 'Allow Mail Drop' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L2MDM

ACCESS CONTROL

3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly RestrictedCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

3.12 Ensure Group Write Access for the Document Root Directories and Files Is Properly RestrictedCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Allow directives exist'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf no Require directives exist'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Order = Deny,AllowCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.1 Ensure Access to OS Root Directory Is Denied By Default - 'httpd.conf Require all deniedCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Order Deny,Allow'CIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'No Order/Deny/Allow'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

4.2 Ensure Appropriate Access to Web Content Is Allowed - 'Require is configured'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

4.4 Restrict Access to All Key Files - permissionsCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Oracle Linux 6 Server L2 v2.0.0Unix

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

ACCESS CONTROL

6.2.8 Ensure users' home directories permissions are 750 or more restrictiveCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.2.9 Ensure users own their home directoriesCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.2.9 Ensure users own their home directoriesCIS Distribution Independent Linux Server L1 v2.0.0Unix

ACCESS CONTROL

10.2 Ensure BIND Processes Run in the named_t Confined Context TypeCIS BIND DNS v1.0.0 L2 Caching Only Name ServerUnix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

11.1 Ensure SELinux Is Enabled in Enforcing ModeCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

ACCESS CONTROL

11.3 Ensure the httpd_t Type Is Not in Permissive ModeCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows 10 v20H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)MSCT Windows 10 v21H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)MSCT Windows Server 2016 MS v1.0.0Windows

CONFIGURATION MANAGEMENT