800-53|CM-7(2)

Title

PREVENT PROGRAM EXECUTION

Description

The information system prevents program execution in accordance with [Selection (one or more): [Assignment: organization-defined policies regarding software program usage and restrictions]; rules authorizing the terms and conditions of software program usage].

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: CM-8,PM-5

Category: CONFIGURATION MANAGEMENT

Parent Title: LEAST FUNCTIONALITY

Family: CONFIGURATION MANAGEMENT

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1 Ensure the appropriate MongoDB software version/patches are installed	MongoDB	CIS MongoDB 5 L1 DB v1.2.0
1.1 Ensure the appropriate MongoDB software version/patches are installed	Windows	CIS MongoDB 6 v1.2.0 L1 MongoDB
1.1 Ensure the appropriate MongoDB software version/patches are installed	Unix	CIS MongoDB 6 v1.2.0 L1 MongoDB
1.1 Ensure the appropriate MongoDB software version/patches are installed	Unix	CIS MongoDB 7 v1.2.0 L1 Unix
1.1 Ensure the appropriate MongoDB software version/patches are installed	Windows	CIS MongoDB 8 v1.0.0 L1 Windows
1.1 Ensure the appropriate MongoDB software version/patches are installed	Windows	CIS MongoDB 7 v1.2.0 L1 Windows
1.1 Ensure the appropriate MongoDB software version/patches are installed	Unix	CIS MongoDB 8 v1.0.0 L1 Unix
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod	Unix	CIS Debian 8 Workstation L1 v2.0.2
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod	Unix	CIS Debian 8 Server L1 v2.0.2
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe	Unix	CIS Debian 8 Server L1 v2.0.2
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe	Unix	CIS Debian 8 Workstation L1 v2.0.2
1.1.2.1.2 Ensure nodev option set on /tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.1.2 Ensure nodev option set on /tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.1.3 Ensure nosuid option set on /tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.1.3 Ensure nosuid option set on /tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.1.4 Ensure noexec option set on /tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.1.4 Ensure noexec option set on /tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.2.2 Ensure nodev option set on /dev/shm partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.2.2 Ensure nodev option set on /dev/shm partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.2.3 Ensure nosuid option set on /dev/shm partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.2.3 Ensure nosuid option set on /dev/shm partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.2.4 Ensure noexec option set on /dev/shm partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.2.4 Ensure noexec option set on /dev/shm partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.5.2 Ensure nodev option set on /var/tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.5.2 Ensure nodev option set on /var/tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.5.3 Ensure nosuid option set on /var/tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.5.3 Ensure nosuid option set on /var/tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.5.4 Ensure noexec option set on /var/tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.5.4 Ensure noexec option set on /var/tmp partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.6.2 Ensure nodev option set on /var/log partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.6.2 Ensure nodev option set on /var/log partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.6.3 Ensure nosuid option set on /var/log partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.6.3 Ensure nosuid option set on /var/log partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.6.4 Ensure noexec option set on /var/log partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.6.4 Ensure noexec option set on /var/log partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.7.2 Ensure nodev option set on /var/log/audit partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.7.2 Ensure nodev option set on /var/log/audit partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.7.4 Ensure noexec option set on /var/log/audit partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.2.7.4 Ensure noexec option set on /var/log/audit partition	Unix	CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
1.1.2.11.3 Ensure noexec option set on removable media partitions	Unix	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server
1.1.2.11.3 Ensure noexec option set on removable media partitions	Unix	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG
1.1.2.11.3 Ensure noexec option set on removable media partitions	Unix	CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation
1.1.5 Ensure noexec option set on /tmp partition	Unix	CIS Google Container-Optimized OS v1.2.0 L1 Server
1.1.12 Ensure noexec option set on /dev/shm partition	Unix	CIS Google Container-Optimized OS v1.2.0 L1 Server
1.1.16 Ensure noexec option set on /dev/shm partition	Unix	CIS Debian 8 Server L1 v2.0.2
1.1.16 Ensure noexec option set on /dev/shm partition	Unix	CIS Debian 8 Workstation L1 v2.0.2
1.1.19 Ensure noexec option set on removable media partitions	Unix	CIS Debian 8 Workstation L1 v2.0.2
1.1.19 Ensure noexec option set on removable media partitions	Unix	CIS Debian 8 Server L1 v2.0.2

Detections

Analytics

800-53|CM-7(2)

Title

Description

Reference Item Details

Audit Items