Item Search

NameAudit NamePluginCategory
1.4 Use Secure Upstream Caching DNS ServersCIS BIND DNS v1.0.0 L2 Caching Only Name ServerUnix

ACCESS CONTROL

6.9 Ensure that PAN-DB URL Filtering is usedCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

6.10 Ensure that URL Filtering uses the action of block or override on the URL categoriesCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

6.13 Ensure secure URL filtering is enabled for all security policies allowing traffic to the InternetCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.8.22.1.6 (L1) Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.8.22.1.6 Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL

18.8.22.1.8 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2Windows

ACCESS CONTROL

18.8.22.1.8 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

ARST-RT-000060 - The Arista BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

ARST-RT-000100 - The Arista BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

ACCESS CONTROL

CIS Control 7 (7.7) Use of DNS Filtering ServicesCAS Implementation Group 1 Audit FileUnix

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco IOS Router RTR v1r4Cisco

ACCESS CONTROL

CISC-RT-000540 - The Cisco BGP switch must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Cisco NX-OS Switch RTR v1r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - ip as-path access-listDISA STIG Cisco IOS Router RTR v1r4Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - ip as-path access-listDISA STIG Cisco IOS XE Router RTR v2r1Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco IOS Router RTR v1r4Cisco

ACCESS CONTROL

CISC-RT-000550 - The Cisco BGP switch must be configured to reject route advertisements from CE switches with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA STIG Cisco NX-OS Switch RTR v1r1Cisco

ACCESS CONTROL

Determine if a host has passwords saved or not saved for specific sites with Mozilla Firefox.TNS File Analysis - Adult Media Browser UsageFileContent

ACCESS CONTROL

Determine if host has bookmarked adult content with Internet Explorer.TNS File Analysis - Adult Media Browser UsageFileContent

ACCESS CONTROL

Determine if host has browsed adult content with Internet Explorer.TNS File Analysis - Adult Media Browser UsageFileContent

ACCESS CONTROL

GEN000000-AIX00040 - The securetcpip command must be usedDISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX00040 - The securetcpip command must be used - /etc/security/config has been configuredDISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX00040 - The securetcpip command must be used.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0200 - The system must not allow directed broadcasts to gateway.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0220 - The system must provide protection for the TCP stack against connection resets, SYN, and data injection attacks.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0230 - The system must provide protection against IP fragmentation attacks.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0300 - The system must not have the bootp service active.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0300 - The system must not have the bootp service active.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist.DISA STIG AIX 5.3 v1r2Unix

ACCESS CONTROL

GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist.DISA STIG AIX 6.1 v1r14Unix

ACCESS CONTROL

GEN000000-SOL00140 - The /usr/aset/masters/uid_aliases must be empty.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000000-SOL00140 - The /usr/aset/masters/uid_aliases must be empty.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000000-SOL00420 - Hidden extended file attributes must not exist on the system.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000000-SOL00420 - Hidden extended file attributes must not exist on the system.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN004360 - The alias file must be owned by root.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN004360 - The alias file must be owned by root.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN004380 - The alias file must have mode 0644 or less permissive.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN004380 - The alias file must have mode 0644 or less permissive.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

JUEX-RT-000060 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA Juniper EX Series Router v2r1Juniper

ACCESS CONTROL

JUEX-RT-000100 - The Juniper router configured for BGP must reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.DISA Juniper EX Series Router v2r1Juniper

ACCESS CONTROL

JUNI-RT-000530 - The Juniper BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute.DISA STIG Juniper Router RTR v1r4Juniper

ACCESS CONTROL

JUNI-RT-000535 - The Juniper BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer - as-pathDISA STIG Juniper Router RTR v1r4Juniper

ACCESS CONTROL

WatchGuard : Review ABS Policy ListingTNS Best Practice WatchGuard Audit 1.0.0WatchGuard

ACCESS CONTROL