Item Search

NameAudit NamePluginCategory
1.1.4 - AirWatch - Set 'timeout in minutes' for 'Sleep'AirWatch - CIS Google Android 4 v1.0.0 L1MDM

ACCESS CONTROL

5.14 OAS - 'SSL Cipher Suite - Set SSL Cipher Suite. ssl_cipher_suites = SSL_RSA_WITH_3DES_EDE_CBC_SHA'CIS v1.1.0 Oracle 11g OS Windows Level 2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

6.6 Ensure subnets for the Web tier are createdCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND COMMUNICATIONS PROTECTION

8.4.4 (L2) Ensure Guest Host Interaction Protocol Handler is set to disabledCIS VMware ESXi 7.0 v1.4.0 L2VMware

CONFIGURATION MANAGEMENT

8.4.7 (L2) Ensure Unity Window Contents is disabledCIS VMware ESXi 7.0 v1.4.0 L2VMware

CONFIGURATION MANAGEMENT

8.4.7 Disable Guest Host Interaction Protocol HandlerCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.19 (L2) Ensure Guest Host Interaction Launch Menu is disabledCIS VMware ESXi 7.0 v1.4.0 L2VMware

CONFIGURATION MANAGEMENT

18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.2.1 Ensure LAPS AdmPwd GPO Extension / CSE is installedCIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.2.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

18.2.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

18.2.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.2.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.2.4 Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

18.2.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

18.2.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.2.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.3.1 Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.3.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

18.3.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

18.3.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

18.3.7 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 60 or fewer' (STIG MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes.DISA STIG Cisco ASA VPN v2r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

GEN002820-2 - The audit system must be configured to audit all discretionary access control permission modifications - 'fchmod'DISA STIG for Oracle Linux 5 v2r1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

GEN002820-2 - The audit system must be configured to audit all discretionary access control permission modifications - 'fchmod'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

GEN003080-2 - Files in cron script directories must have mode 0700 or less permissive - '/etc/cron.daily/*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN003080-2 - Files in cron script directories must have mode 0700 or less permissive - '/etc/cron.hourly/*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN003080-2 - Files in cron script directories must have mode 0700 or less permissive - '/etc/cron.weekly/*'DISA STIG for Oracle Linux 5 v2r1Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents.DISA STIG for Oracle Linux 5 v2r1Unix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

OH12-1X-000254 - OHS must have the SSLFIPS directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLProtocolDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLWalletDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000256 - OHS must have the SSLCipherSuite directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000257 - OHS must have the LoadModule ossl_module directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000258 - OHS must have the SSLFIPS directive enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLProtocolDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLWalletDISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

IDENTIFICATION AND AUTHENTICATION

PANW-NM-000118 - The Palo Alto Networks security platform must not use SNMP Versions 1 or 2DISA STIG Palo Alto NDM v3r2Palo_Alto

MAINTENANCE

WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - JAVA_OPTIONSOracle WebLogic Server 12c Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION

WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATHOracle WebLogic Server 12c Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATHOracle WebLogic Server 12c Linux v2r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

WBLC-05-000176 - Oracle WebLogic must use cryptographic modules that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - PRE_CLASSPATHOracle WebLogic Server 12c Windows v2r1Windows

IDENTIFICATION AND AUTHENTICATION