Item Search

NameAudit NamePluginCategory
/etc/audit/rules.d/*.rules b32CIS Amazon Linux 2 v3.0.0 L2Unix
/etc/groupCIS Amazon Linux 2 v3.0.0 L2Unix
/etc/gshadowCIS Amazon Linux 2 v3.0.0 L2Unix
/etc/sudoersCIS Amazon Linux 2 v3.0.0 L2Unix
/etc/sudoers.dCIS Amazon Linux 2 v3.0.0 L2Unix
1.1.1.7 Ensure udf kernel module is not availableCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

1.1.2.5.1 Ensure separate partition exists for /var/tmpCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

1.1.7 Ensure separate partition exists for /var/tmpCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.1.5 - MobileIron - Set the 'timeout' for 'Time without user input before password must be re-entered (in minutes)'MobileIron - CIS Google Android 4 v1.0.0 L1MDM

ACCESS CONTROL

2.2.20 Ensure X window server services are not in useCIS Amazon Linux 2 v3.0.0 L2Unix

CONFIGURATION MANAGEMENT

3.2 Ensure 'debug' is turned off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabled - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Ensure Server Header is removed - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

CONFIGURATION MANAGEMENT

4.1.1.3 Ensure audit logs are not automatically deletedCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure events that modify date and time information are collected - auditctl clock_settime (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify user/group information are collected - /etc/security/opasswdCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.6 Ensure events that modify the system's network environment are collected - /etc/sysconfig/network-scriptsCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/hostsCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.6 Ensure events that modify the system's network environment are collected - auditctl /etc/issueCIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.8 Ensure login and logout events are collected - /var/log/faillockCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmpCIS Aliyun Linux 2 L2 v1.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.10 Ensure discretionary access control permission modification events are collected - auditctl setxattr/lsetxattr/fsetxattr (32-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.10 Ensure discretionary access control permission modification events are collected - chown/fchown/fchownat (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.13 Ensure successful file system mounts are collected - (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.14 Ensure file deletion events by users are collected - auditctl (64-bit)CIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.15 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoersCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.16 Ensure system administrator actions (sudolog) are collectedCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmodCIS Aliyun Linux 2 L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Ensure 'maxURL request filter' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.4 Ensure non-ASCII characters in URLs are not allowed - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

4.5.3.1 Ensure nologin is not listed in /etc/shellsCIS Amazon Linux 2 v3.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

5.2.1.1 Ensure audit is installedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recordedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.6 Ensure SSH X11 forwarding is disabledCIS Aliyun Linux 2 L2 v1.0.0Unix

SYSTEM AND INFORMATION INTEGRITY

7.1 Ensure HSTS Header is set - SitesCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installedCIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

18.2.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

18.2.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

18.2.4 Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

OS is 64 bitCIS Aliyun Linux 2 L2 v1.0.0Unix
SLES-12-010210 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).DISA SLES 12 STIG v3r1Unix

IDENTIFICATION AND AUTHENTICATION

SLES-15-010260 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).DISA SLES 15 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

Verify .net extensibility is installed - ASPNET45CIS IIS 10 v1.2.1 Level 2Windows
Verify .net extensibility is installed - NetFxExtensibility45CIS IIS 10 v1.2.1 Level 2Windows