Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled (modprobe)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure mounting of freevxfs filesystems is disabled (modprobe)CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.3.5.5 Set 'Domain member: Digitally encrypt or sign secure channel data (always)' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.3.11.2 Set 'Network security: Minimum session security for NTLM SSP based servers' to 'Require NTLMv2 session security'CIS Windows 8 L1 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.20 Ensure sticky bit is set on all world-writable directoriesCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

1.17 Ensure 'Allow remote lock and erase' is set to 'Enabled'MobileIron - CIS Google Android v1.3.0 L1MDM
1.17 Ensure 'Allow remote lock and erase' is set to 'Enabled'AirWatch - CIS Google Android v1.3.0 L1MDM
2.2 Ensure 'Use location' is set to 'Disabled'MobileIron - CIS Google Android v1.3.0 L2MDM

CONFIGURATION MANAGEMENT

2.2.1.3 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

2.2.1.3 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

2.3 Ensure 'Back up to Google Drive' is 'Disabled'MobileIron - CIS Google Android v1.3.0 L2MDM
2.3 Ensure 'Back up to Google Drive' is 'Disabled'AirWatch - CIS Google Android v1.3.0 L2MDM
2.6 Ensure 'Voice & Audio Activity' is set to 'Disabled'AirWatch - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

2.7 Ensure 'YouTube Search History' is set to 'Disabled'MobileIron - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

2.8 Ensure 'YouTube Watch History' is set to 'Disabled'MobileIron - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

2.10 Ensure 'Opt out of Ads Personalization' is set to 'Enabled'AirWatch - CIS Google Android v1.3.0 L1MDM
2.10 Ensure 'Opt out of Ads Personalization' is set to 'Enabled'MobileIron - CIS Google Android v1.3.0 L1MDM
3.1 (L2) Ensure 'AutoFill web forms: User names and passwords' is 'Disabled'CIS MacOS Safari v2.0.0 L2Unix

CONFIGURATION MANAGEMENT

3.2 Ensure 'Location' is set to 'Enabled'MobileIron - CIS Google Android v1.3.0 L1MDM
3.2 Ensure 'Location' is set to 'Enabled'AirWatch - CIS Google Android v1.3.0 L1MDM

ACCESS CONTROL

3.2.1.20 Ensure 'Allow setting up new nearby devices' is set to 'Disabled'AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.2.1.20 Ensure 'Allow setting up new nearby devices' is set to 'Disabled'MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.3 Ensure 'Allow third-party cookies' is set to 'Disabled'MobileIron - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

3.4 Ensure 'Safe Browsing' is set to 'Enabled'AirWatch - CIS Google Android v1.3.0 L1MDM
3.4 Ensure 'Safe Browsing' is set to 'Enabled'MobileIron - CIS Google Android v1.3.0 L1MDM
3.6 Ensure 'Do Not Track' is set to 'Enabled'MobileIron - CIS Google Android v1.3.0 L2MDM
3.6 Ensure 'Do Not Track' is set to 'Enabled'AirWatch - CIS Google Android v1.3.0 L2MDM
4.1 (L2) Ensure 'AutoFill user names and passwords' is 'Disabled'CIS MacOS Safari v2.0.0 L2Unix

CONFIGURATION MANAGEMENT

4.1.13 Ensure successful file system mounts are collected - 'auditctl mounts (64-bit)'CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure successful file system mounts are collected - 'mount' (64-bit)CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0Unix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure successful file system mounts are collected - auditctl mountsCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

4.1.13 Ensure successful file system mounts are collected - b64 mountsCIS Amazon Linux v2.1.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.4.5 Ensure default user shell timeout is 900 seconds or less - /etc/profileCIS Amazon Linux v2.1.0 L2Unix

ACCESS CONTROL

Ensure default user shell timeout is 900 seconds or less - /etc/profileTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure mounting of FAT filesystems is disabled - lsmodTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure mounting of hfs filesystems is disabled - modprobeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure mounting of jffs2 filesystems is disabled - lsmodTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure mounting of squashfs filesystems is disabled - lsmodTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure successful file system mounts are collected - auditctl b64Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordMSCT Windows Server v2004 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordMSCT Windows Server 2012 R2 MS v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsMSCT Windows 10 v2004 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsMSCT Windows Server v1909 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) serversMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) serversMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) serversMSCT Windows Server v1909 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Network security: Minimum session security for NTLM SSP based (including secure RPC) serversMSCT Windows Server v1909 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION