Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
Item Search
Audits
Item Search
Filters (1)
Description
Filename
Plugin
References
Control ID
Relevance
Description
Plugin
Filename
References (Active)
Search by References
Clear All
‹‹ Previous
Previous
Page 1 of 16
• 771 Total
Next
Next ››
Name
Audit Name
Plugin
Category
3.1.1 Ensure IP forwarding is disabled - sysctl
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.1.2 Ensure packet redirect sending is disabled - sysctl ipv4 default send
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.1.2 Set 'no ip proxy-arp'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.1.3 Set 'no interface tunnel'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.1.4 Set 'ip verify unicast source reachable-via'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Ensure source routed packets are not accepted - /etc/sysctl ipv4 all acccept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Default deny configured'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 0.0.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 10.0.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 127.0.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 127.0.0.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 127.0.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 169.254.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 169.254.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 172.16.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 172.16.0.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.0.2.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.0.2.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.168.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 192.168.0.0'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 224.0.0.0'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 224.0.0.0'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny host 255.255.255.255'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny host 255.255.255.255'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny internal networks'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny internal networks'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - External interface has ACL applied
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - External interface has ACL applied
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.2.2 Set inbound 'ip access-group' on the External Interface
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.2.6 Ensure bogus ICMP responses are ignored - /etc/sysctl
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3 Ensure 'Passive Link State' and 'Preemptive' are configured appropriately - Election Setings
CIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
Palo_Alto
3.3.1 Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 all accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3.1 Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default accept
CIS SUSE Linux Enterprise Server 11 L1 v2.1.0
Unix
3.3.1.2 Set 'key'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.3.1.2 Set 'key'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.5 Set 'af-interface default'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.1.6 Set 'authentication key-chain'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.8 Set 'ip authentication key-chain eigrp'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.1.9 Set 'ip authentication mode eigrp'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.2.1 Set 'authentication message-digest' for OSPF area
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.3.2.2 Set 'ip ospf message-digest-key md5'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.2.2 Set 'ip ospf message-digest-key md5'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.3.1 Set 'key chain'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.3.2 Set 'key'
CIS Cisco IOS 16 L2 v1.1.0
Cisco
3.3.3.2 Set 'key'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.3.4 Set 'ip rip authentication key-chain'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.3.4 Set 'ip rip authentication key-chain'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.3.5 Set 'ip rip authentication mode' to 'md5'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
3.3.4.1 Set 'neighbor password'
CIS Cisco IOS 15 L2 v4.1.0
Cisco
3.3.4.1 Set 'neighbor password'
CIS Cisco IOS 16 L2 v1.1.1
Cisco
‹‹ Previous
Previous
Page 1 of 16
• 771 Total
Next
Next ››
