800-53|AC-6(10)

Title

PROHIBIT NON-PRIVILEGED USERS FROM EXECUTING PRIVILEGED FUNCTIONS

Description

The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Supplemental

Privileged functions include, for example, establishing information system accounts, performing system integrity checks, or administering cryptographic key management activities. Non-privileged users are individuals that do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from non-privileged users.

Reference Item Details

Category: ACCESS CONTROL

Parent Title: LEAST PRIVILEGE

Family: ACCESS CONTROL

Baseline Impact: MODERATE, HIGH

Audit Items

Name | Plugin | Audit Name
1.1.3 Ensure nodev option set on /tmp partition | Unix | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1
1.1.3 Ensure nodev option set on /tmp partition | Unix | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1
1.1.3 Ensure nodev option set on /tmp partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.3 Ensure nodev option set on /tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.3 Ensure nodev option set on /tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.3.9.3 Set 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.9.13 Configure 'MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.10.1 Set 'Network access: Let Everyone permissions apply to anonymous users' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.10.2 Set 'Network access: Allow anonymous SID/Name translation' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.11.4 Set 'Network security: Allow LocalSystem NULL session fallback' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.12.1 Set 'Recovery console: Allow automatic administrative logon' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.13.2 Set 'Shutdown: Allow system to be shut down without having to log on' to 'Enabled' | Windows | CIS Windows 8 L1 v1.0.0
1.1.3.17.3 Set 'User Account Control: Behavior of the elevation prompt for standard users' to 'Automatically deny elevation requests' | Windows | CIS Windows 8 L1 v1.0.0
1.1.4 Ensure nosuid option set on /tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.4 Ensure nosuid option set on /tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.4 Ensure nosuid option set on /tmp partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.5 Ensure noexec option set on /tmp partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.7 Ensure nodev option set on /var/tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.7 Ensure nodev option set on /var/tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.8 Ensure nodev option set on /var/tmp partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.8 Ensure nosuid option set on /var/tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.8 Ensure nosuid option set on /var/tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.9 Ensure noexec option set on /var/tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.9 Ensure noexec option set on /var/tmp partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.9 Ensure nosuid option set on /var/tmp partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.10 Ensure noexec option set on /var/tmp partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.13 Ensure nodev option set on /home partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.13 Ensure nodev option set on /home partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.14 Ensure nodev option set on /home partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.14 Ensure nodev option set on /run/shm partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.14 Ensure nodev option set on /run/shm partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.15 Ensure nodev option set on /dev/shm partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.15 Ensure nosuid option set on /run/shm partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.15 Ensure nosuid option set on /run/shm partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.16 Ensure noexec option set on /run/shm partition | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.16 Ensure noexec option set on /run/shm partition | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.16 Ensure nosuid option set on /dev/shm partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.17 Ensure nodev option set on removable media partitions | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.17 Ensure nodev option set on removable media partitions | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.17 Ensure noexec option set on /dev/shm partition | Unix | CIS Amazon Linux v2.1.0 L1
1.1.18 Ensure nosuid option set on removable media partitions | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.1.18 Ensure nosuid option set on removable media partitions | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.19 Ensure noexec option set on removable media partitions | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.1.19 Ensure noexec option set on removable media partitions | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.2.1 Set 'privilege 1' for local users - 'No users with privileges 2-15' | Cisco | CIS Cisco IOS 12 L1 v4.0.0
1.2.3.2.1 Set 'Turn on PIN sign-in' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.2.3.2.4 Set 'Do not enumerate connected users on domain-joined computers' to 'Enabled' | Windows | CIS Windows 8 L1 v1.0.0
1.2.3.2.5 Configure 'Turn off app notifications on the lock screen' | Windows | CIS Windows 8 L1 v1.0.0
1.2.3.2.6 Set 'Enumerate local users on domain-joined computers' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0
1.2.4.11 Set 'Always install with elevated privileges' to 'Disabled' | Windows | CIS Windows 8 L1 v1.0.0