Item Search

NameAudit NamePluginCategory
1.1.4 Ensure nosuid option set on /tmp partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.4.2 Ensure XD/NX support is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SYSTEM AND INFORMATION INTEGRITY

1.5.1.1 Ensure message of the day is configured properlyCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.2 Ensure local login warning banner is configured properlyCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.5 Ensure permissions on /etc/issue are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2.5 Ensure 'REMOTE_LISTENER' Is EmptyCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or LessCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or LessCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.16 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

3.2.3 Ensure secure ICMP redirects are not acceptedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.8 Ensure TCP SYN Cookies is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

4.1 Ensure All Default Passwords Are ChangedCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

4.1.1.3 Ensure logging is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure journald is configured to compress large log filesCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2 Ensure All Sample Data And Users Have Been RemovedCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

4.2 Ensure All Sample Data And Users Have Been RemovedCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any UserCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" PackagesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Job Scheduler" PackagesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Job Scheduler" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "DBMS_CREDENTIAL" PackageCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on "Non-default" PackagesCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.5 Ensure SSH LogLevel is appropriateCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.6 Ensure SSH X11 forwarding is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.9 Ensure SSH HostbasedAuthentication is disabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.1.21 Ensure SSH MaxStartups is configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.10 Ensure 'CREATE PROCEDURE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.11 Ensure 'ALTER SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.16 Ensure 'GRANT ANY PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.2 Ensure system accounts are securedCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

6.1.5 Ensure the 'DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.6 Ensure permissions on /etc/shadow- are configuredCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure the 'DIRECTORY' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.1 Ensure password fields are not emptyCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.2 Ensure no legacy "+" entries exist in /etc/passwdCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

6.2.3 Ensure no legacy "+" entries exist in /etc/shadowCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL

6.2.7 Ensure all users' home directories existCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

6.2.12 Ensure the 'CREATE DATABASE LINK' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.13 Ensure users' .netrc Files are not group or world accessibleCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.15 Ensure the 'CREATE SYNONYM' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is EnabledCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.20 Ensure shadow group is emptyCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT