800-53|CM-7(5)

Title

AUTHORIZED SOFTWARE / WHITELISTING

Description

The organization:

Supplemental

The process used to identify software programs that are authorized to execute on organizational information systems is commonly referred to as whitelisting. In addition to whitelisting, organizations consider verifying the integrity of white-listed software programs using, for example, cryptographic checksums, digital signatures, or hash functions. Verification of white-listed software can occur either prior to execution or at system startup.

Reference Item Details

Related: CM-2, CM-6, CM-8, PM-5, SA-10, SC-34, SI-7

Category: CONFIGURATION MANAGEMENT

Parent Title: LEAST FUNCTIONALITY

Family: CONFIGURATION MANAGEMENT

Baseline Impact: HIGH

Audit Items


Name | Plugin | Audit Name
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | MS_SQLDB | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | MS_SQLDB | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | MS_SQLDB | CIS SQL Server 2012 Database L1 DB v1.6.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | MS_SQLDB | CIS SQL Server 2014 Database L1 DB v1.5.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | MS_SQLDB | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0
1.1 Ensure the appropriate MongoDB software version/patches are installed | MongoDB | CIS MongoDB 3.4 Database Audit L1 v1.0.0
1.1 Ensure the appropriate MongoDB software version/patches are installed | MongoDB | CIS MongoDB 4 L1 DB v1.0.0
1.1 Ensure the appropriate MongoDB software version/patches are installed | MongoDB | CIS MongoDB Database Audit L1 v1.0.0
1.1 Ensure the appropriate MongoDB software version/patches are installed | MongoDB | CIS MongoDB 3.2 Database Audit L1 v1.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0
1.2 Ensure End of Life JUNOS Devices are not used | Juniper | CIS Juniper OS Benchmark v2.1.0 L1
1.2 Ensure the Image Profile VIB acceptance level is configured properly | Unix | CIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.2.3.1.5 Set 'Turn off the Windows Messenger Customer Experience Improvement Program' to 'Enabled' | Windows | CIS Windows 8 L1 v1.0.0
1.2.3.1.9 Set 'Turn off printing over HTTP' to 'Enabled' | Windows | CIS Windows 8 L1 v1.0.0
1.2.4.13 Configure 'Allow all trusted apps to install' | Windows | CIS Windows 8 L1 v1.0.0
1.3 Ensure Apache Is Installed From the Appropriate Binaries | Unix | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
1.3 Ensure Apache Is Installed From the Appropriate Binaries | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0
1.3 Ensure Apache Is Installed From the Appropriate Binaries | Unix | CIS Apache HTTP Server 2.2 L1 v3.6.0
1.3 Ensure no unauthorized kernel modules are loaded on the host | Unix | CIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.3.1 Ensure 'Block Flash activation in Office documents' is set to 'Enabled: Block all activation' | Windows | CIS Microsoft Office Enterprise v1.2.0 L1
1.3.1 Ensure AIDE is installed | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.3.1 Ensure AIDE is installed | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.5 Installing ISC BIND 9 - bind9 installation | Unix | CIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.5 Installing ISC BIND 9 - bind9 installation | Unix | CIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.5 Installing ISC BIND 9 - named location | Unix | CIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.5 Installing ISC BIND 9 - named location | Unix | CIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.13.3.3.1.1 Ensure 'Configure Trusted Add-ins' to 'Disabled' | Windows | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1
1.13.3.3.1.1 Ensure 'Configure Trusted Add-ins' to 'Disabled' | Windows | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1
1.29 (L2) Ensure 'Allow features to download assets from the Asset Delivery Service' is set to 'Disabled' | Windows | CIS Microsoft Edge v3.0.0 L2
1.73 (L1) Ensure 'Control communication with the Experimentation and Configuration Service' is set to 'Enabled: Disable communication with the Experimentation and Configuration Service' | Windows | CIS Microsoft Edge v3.0.0 L1
11.3 Ensure the httpd_t Type is Not in Permissive Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
11.3 Ensure the httpd_t Type is Not in Permissive Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
11.4 Ensure Only the Necessary SELinux Booleans are Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
11.4 Ensure Only the Necessary SELinux Booleans are Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.2 Ensure the Apache AppArmor Profile Is Configured Properly | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.2 Ensure the Apache AppArmor Profile Is Configured Properly | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.3 Ensure Apache AppArmor Profile is in Enforce Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.3 Ensure Apache AppArmor Profile is in Enforce Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0
12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware
18.10.15.8 (L1) Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | Windows | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC
18.10.15.8 (L1) Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | Windows | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS
18.10.15.8 Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | Windows | CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC