Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.7 Ensure mounting of udf filesystems is disabled - modprobe	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.3 Ensure nodev option set on /tmp partition	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.9 Ensure nosuid option set on /var/tmp partition	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.13 Ensure separate partition exists for /home	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.21 Ensure sticky bit is set on all world-writable directories	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.4.2 Ensure bootloader password is set	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.2 Ensure GDM login banner is configured - banner message enabled	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.7.2 Ensure GDM login banner is configured - banner message text	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.4 Ensure permissions on /etc/motd are configured	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure packet redirect sending is disabled - all /etc/sysctl.conf /etc/sysctl.d/*	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure packet redirect sending is disabled - default /etc/sysctl.conf /etc/sysctl.d/*	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure packet redirect sending is disabled - default sysctl	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure IP forwarding is disabled - ipv4 /etc/sysctl.conf /etc/sysctl.d/*	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure IP forwarding is disabled - ipv4 /etc/sysctl.conf /etc/sysctl.d/*	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Turn Off Remote Command Legacy Mode (DB2RCMD_LEGACY_MODE)	CIS IBM DB2 11 v1.1.0 Linux OS Level 1	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - files 'net.ipv6.conf.default.accept_source_route = 0'	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - 'net.ipv6.conf.default.accept_redirects'	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - files net.ipv4.conf.all.accept_redirects= 0	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.default.accept_redirects= 0	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirects	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - files net.ipv4.conf.default.secure_redirects = 0	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - net.ipv4.conf.all.secure_redirects = 0	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.5 Ensure broadcast ICMP requests are ignored - net.ipv4.icmp_echo_ignore_broadcasts = 1	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.7 Ensure Reverse Path Filtering is enabled - files net.ipv4.conf.default.rp_filter = 1	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.8 Ensure TCP SYN Cookies is enabled - net.ipv4.tcp_syncookies = 1	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.all.accept_ra = 0	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.4 Disable Database Discovery (DISCOVER_DB)	CIS IBM DB2 11 v1.1.0 Windows OS Level 1	Windows	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - /etc/hosts	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/network	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.7 Ensure events that modify the system's network environment are collected - auditctl b64 sethostname	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.11 Ensure discretionary access control permission modification events are collected - b64 chown fchown	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.15 Disable Database Discoverability (DISCOVER_DB)	CIS IBM DB2 11 v1.1.0 Windows OS Level 1	Windows	CONFIGURATION MANAGEMENT
4.1.18 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.7 Ensure permissions on /etc/cron.d are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.12 Ensure SSH PermitUserEnvironment is disabled	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.20 Ensure SSH PAM is enabled	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.23 Ensure SSH MaxSessions is set to 4 or less	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.3 Ensure all users' home directories exist	CIS Debian Family Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.11 Ensure root PATH Integrity	CIS Debian Family Server L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
Big Sur - Disable TouchID Prompt during Setup Assistant	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate	Unix	CONFIGURATION MANAGEMENT
Big Sur - Disable TouchID Prompt during Setup Assistant	NIST macOS Big Sur v1.4.0 - All Profiles	Unix	CONFIGURATION MANAGEMENT
Catalina - Disable TouchID Prompt during Setup Assistant	NIST macOS Catalina v1.5.0 - 800-53r4 High	Unix	CONFIGURATION MANAGEMENT
Catalina - Disable TouchID Prompt during Setup Assistant	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate	Unix	CONFIGURATION MANAGEMENT
Monterey - Disable TouchID Prompt during Setup Assistant	NIST macOS Monterey v1.0.0 - All Profiles	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search