Item Search

NameAudit NamePluginCategory
1.1.2.6.1 Ensure separate partition exists for /var/logCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

1.1.13 Ensure separate partition exists for /homeCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.1.5 Ensure the SELinux mode is enforcingCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcingCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL

1.6.1.4 Ensure SETroubleshoot is not installedCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.4 Ensure 'forms authentication' is set to use cookies - ApplicationCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.8 Ensure 'credentials' are not stored in configuration files - DefaultCIS IIS 10 v1.2.1 Level 2Windows

IDENTIFICATION AND AUTHENTICATION

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure tipc kernel module is not availableCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

3.3 Ensure custom error messages are not off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.6 Ensure 'httpcookie' mode is configured for session state - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.11 Ensure 'encryption providers' are locked downCIS IIS 8.0 v1.5.1 Level 2Windows

ACCESS CONTROL

4.1.4 Ensure events that modify date and time information are collected - /etc/localtimeCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.4 Ensure events that modify date and time information are collected - adjtimexCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.4 Ensure events that modify date and time information are collected - clock_settime (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - /etc/issue.netCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/networkCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/sysconfig/network-scriptsCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - sethostname (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.9 Ensure session initiation information is collected - /var/run/utmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure successful file system mounts are collected - auditctl (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoersCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.dCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collected - auditctlCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.8 Ensure sshd DisableForwarding is enabledCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

4.2.9 Ensure sshd GSSAPIAuthentication is disabledCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

4.4.1.6 Ensure root access is disabled or blocked.CIS IBM AIX 7 v1.0.0 L1Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.1.4 Ensure auditd service is enabledCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.2.1 Ensure audit log storage size is configuredCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.2.3 Ensure system is disabled when audit logs are fullCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.10 Ensure successful file system mounts are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.11 Ensure session initiation information is collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

7.1 Ensure HSTS Header is set - ServerCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure TLS 1.0 is disabledCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.14 Ensure TLS Cipher Suite ordering is configuredCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

8.4.20 Ensure memSchedFakeSampleStats is disabledCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT

18.9.35.1 (L1) Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

CONFIGURATION MANAGEMENT

DTOO113 - Excel - Open/Save actions for Excel 2 macrosheets and add-in files must be blocked.DISA STIG Office 2010 Excel v1r11Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN003080-2 - Files in cron script directories must have mode 0700 or less permissive - '/etc/cron.monthly/*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - JAVA_OPTIONSOracle WebLogic Server 12c Linux v2r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

WBLC-05-000177 - Oracle WebLogic must utilize FIPS 140-2 approved encryption modules when authenticating users and processes - PRE_CLASSPATHOracle WebLogic Server 12c Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION