Detections
Analytics

800-53|CM-6b.

Title

CONFIGURATION SETTINGS

Description

Implements the configuration settings;

Reference Item Details

Category: CONFIGURATION MANAGEMENT

Family: CONFIGURATION MANAGEMENT

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.0.2 Use IP address rather than hostname - 'db2system = IP'UnixCIS IBM DB2 OS L1 v1.2.0
1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements.WindowsDISA Windows Vista STIG v6r41
1.1 Create local-settings.js file - general.config.filenameWindowsCIS Mozilla Firefox 38 ESR Windows L1 v1.0.0
1.1 Create local-settings.js file - general.config.obscureWindowsCIS Mozilla Firefox 38 ESR Windows L1 v1.0.0
1.1 Create local-settings.js file - general.config.obscure_valueUnixCIS Mozilla Firefox 38 ESR Linux L1 v1.0.0
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.2 Ensure mounting of freevxfs filesystems is disabledUnixCIS Amazon Linux v2.1.0 L2
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.4 Ensure mounting of hfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.6 Ensure mounting of squashfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.7 Ensure mounting of udf filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.8 Ensure mounting of FAT filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.3.6.4 Set 'Interactive logon: Do not display last user name' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.6.8 Set 'Interactive logon: Do not require CTRL+ALT+DEL' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.8.4 Set 'Microsoft network server: Server SPN target name validation level' to 'Accept if provided by client'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.9.2 Configure 'MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.12.2 Set 'Recovery console: Allow floppy copy and access to all drives and all folders' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.13.1 Set 'Shutdown: Clear virtual memory pagefile' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.15.1 Set 'System objects: Strengthen default permissions of internal system objects (e'g' Symbolic Links)' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.15.2 Set 'System objects: Require case insensitivity for nonWindows subsystems' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.6 Ensure separate partition exists for /varUnixCIS Amazon Linux v2.1.0 L2
1.1.6 Ensure separate partition exists for /varUnixCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1
1.1.6 Ensure separate partition exists for /varUnixCIS SUSE Linux Enterprise Server 11 L2 v2.1.1
1.1.7 Ensure separate partition exists for /var/tmpUnixCIS Amazon Linux v2.1.0 L2
1.1.7 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.8 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.8 Ensure that the --profiling argument is set to falseUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.8 Ensure that the --repair-malformed-updates argument is set to falseUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.9 Ensure that the --repair-malformed-updates argument is set to falseUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.9 Ensure that the --repair-malformed-updates argument is set to falseUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.10 Ensure separate partition exists for /varUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.13 Ensure separate partition exists for /homeUnixCIS Amazon Linux v2.1.0 L2
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.22 Ensure nosuid option set on removable media partitionsUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.26 Ensure all world-writable directories are group-owned.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.27 Disable AutomountingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - /bin/trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - blacklistUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2 Create mozilla.cfg fileUnixCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0
1.2 Create mozilla.cfg fileWindowsCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0
1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties.WindowsDISA Windows Vista STIG v6r41
1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet.WindowsDISA Windows Vista STIG v6r41
1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks.WindowsDISA Windows Vista STIG v6r41
1.10 Windows Oracle Registry Key Permissions - 'Verify and set permissions'WindowsCIS v1.1.0 Oracle 11g OS Windows Level 1
1.11 Windows Oracle Registry Key Setting - 'Set OSAUTH_PREFIX_DOMAIN registry value to TRUE'WindowsCIS v1.1.0 Oracle 11g OS Windows Level 1
1.12 Windows registry - 'Set USE_SHARED_SOCKET registry value to TRUE'WindowsCIS v1.1.0 Oracle 11g OS Windows Level 2
1.013 - System information backups are not created, updated, and protected according to DISA requirements.WindowsDISA Windows Vista STIG v6r41
1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.WindowsDISA Windows Vista STIG v6r41