800-53|SC-6

Title

RESOURCE AVAILABILITY

Description

The information system protects the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more); priority; quota; [Assignment: organization-defined security safeguards]].

Supplemental

Priority protection helps prevent lower-priority processes from delaying or interfering with the information system servicing any higher-priority processes. Quotas prevent users or processes from obtaining more than predetermined amounts of resources. This control does not apply to information system components for which there are only single users/roles.

Reference Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

Family: SYSTEM AND COMMUNICATIONS PROTECTION

Priority: P0

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1 Set 'Mailbox quotas: Issue warning at' to '1991680'WindowsCIS Microsoft Exchange Server 2013 Mailbox v1.1.0
2.1 Set 'Mailbox quotas: Issue warning at' to '1991680'WindowsCIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.1.1 Ensure 'Mailbox quotas: Issue warning at' is set to ''WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.1.3 Ensure 'Mailbox quotas: Prohibit send and receive at' is set to ''WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.1.4 Ensure 'Mailbox quotas: Prohibit send at' is set to ''WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.2 Set 'Mailbox quotas: Prohibit send and receive at' to '2411520'WindowsCIS Microsoft Exchange Server 2013 Mailbox v1.1.0
2.2 Set 'Mailbox quotas: Prohibit send and receive at' to '2411520'WindowsCIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.3 Set 'Mailbox quotas: Prohibit send at' to '2097152'WindowsCIS Microsoft Exchange Server 2013 Mailbox v1.1.0
2.3 Set 'Mailbox quotas: Prohibit send at' to '2097152'WindowsCIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.7 Ensure the default ulimit is configured appropriatelyUnixCIS Docker Community Edition v1.1.0 L1 Docker
2.7 Set default ulimit as appropriateUnixCIS Docker 1.13.0 v1.0.0 L1 Docker
2.7 Set default ulimit as appropriate - default-ulimitUnixCIS Docker 1.12.0 v1.0.0 L1 Docker
2.7 Set default ulimit as appropriate - default-ulimitUnixCIS Docker 1.11.0 v1.0.0 L1 Docker
2.10 Set default ulimit as appropriate '--default-ulimit'UnixCIS Docker 1.6 v1.0.0 L1 Docker
2.14 Enable live restoreUnixCIS Docker 1.13.0 v1.0.0 L1 Docker
2.14 Enable live restoreUnixCIS Docker 1.12.0 v1.0.0 L1 Docker
2.14 Ensure live restore is EnabledUnixCIS Docker Community Edition v1.1.0 L1 Docker
3.1.11 Set maximum connection limits - MAX_CONNECTIONSWindowsCIS IBM DB2 v10 v1.1.0 Windows OS Level 1
3.1.11 Set maximum connection limits - MAX_CONNECTIONSWindowsCIS IBM DB2 v10 v1.1.0 Windows OS Level 2
3.1.11 Set maximum connection limits - MAX_COORDAGENTSWindowsCIS IBM DB2 v10 v1.1.0 Windows OS Level 1
3.1.11 Set maximum connection limits - MAX_COORDAGENTSWindowsCIS IBM DB2 v10 v1.1.0 Windows OS Level 2
3.1.11 Set maximum connection limits - MAXAPPLSWindowsCIS IBM DB2 v10 v1.1.0 Windows OS Level 1
3.1.11 Set maximum connection limits - MAXAPPLSWindowsCIS IBM DB2 v10 v1.1.0 Windows OS Level 2
4.1.12 Set Maximum Number of Applications (MAXAPPLS)WindowsCIS IBM DB2 11 v1.1.0 Windows OS Level 1
5.10 Ensure memory usage for container is limitedUnixCIS Docker Community Edition v1.1.0 L1 Docker
5.10 Limit memory usage for containerUnixCIS Docker 1.12.0 v1.0.0 L1 Docker
5.10 Limit memory usage for containerUnixCIS Docker 1.13.0 v1.0.0 L1 Docker
5.10 Limit memory usage for containerUnixCIS Docker 1.11.0 v1.0.0 L1 Docker
5.11 Ensure CPU priority is set appropriately on the containerUnixCIS Docker Community Edition v1.1.0 L1 Docker
5.11 Set container CPU priority appropriatelyUnixCIS Docker 1.11.0 v1.0.0 L1 Docker
5.11 Set container CPU priority appropriatelyUnixCIS Docker 1.12.0 v1.0.0 L1 Docker
5.11 Set container CPU priority appropriatelyUnixCIS Docker 1.13.0 v1.0.0 L1 Docker
5.12 Set container CPU priority appropriatelyUnixCIS Docker 1.6 v1.0.0 L1 Docker
5.18 Ensure the default ulimit is overwritten at runtime, only if neededUnixCIS Docker Community Edition v1.1.0 L1 Docker
5.18 Override default ulimit at runtime only if neededUnixCIS Docker 1.13.0 v1.0.0 L1 Docker
5.18 Override default ulimit at runtime only if neededUnixCIS Docker 1.12.0 v1.0.0 L1 Docker
5.18 Override default ulimit at runtime only if neededUnixCIS Docker 1.11.0 v1.0.0 L1 Docker
6.2 Ensure that operating system resource limits are set for MongoDBUnixCIS MongoDB 5 L2 OS Linux v1.2.0
6.2 Ensure that operating system resource limits are set for MongoDBWindowsCIS MongoDB 5 L2 OS Windows v1.2.0
6.2 Ensure that operating system resource limits are set for MongoDBUnixCIS MongoDB 6 v1.2.0 L2 MongoDB
6.2 Ensure that operating system resource limits are set for MongoDBWindowsCIS MongoDB 4 L2 OS Windows v1.0.0
6.2 Ensure that operating system resource limits are set for MongoDBUnixCIS MongoDB 4 L2 OS Linux v1.0.0
6.2 Ensure that operating system resource limits are set for MongoDBWindowsCIS MongoDB 6 v1.2.0 L2 MongoDB
6.3 Ensure that operating system resource limits are set for MongoDBUnixCIS MongoDB 3.2 L2 Unix Audit v1.0.0
6.3 Ensure that operating system resource limits are set for MongoDBUnixCIS MongoDB 3.4 L2 Unix Audit v1.0.0
6.3 Ensure that operating system resource limits are set for MongoDBUnixCIS MongoDB L2 Unix Audit v1.0.0
6.3 Ensure that operating system resource limits are set for MongoDBWindowsCIS MongoDB 3.2 L2 Windows Audit v1.0.0
6.3 Ensure that operating system resource limits are set for MongoDBWindowsCIS MongoDB 3.4 L2 Windows Audit v1.0.0
6.3 Ensure that operating system resource limits are set for MongoDBWindowsCIS MongoDB L2 Windows Audit v1.0.0
8.5.1 Ensure VM limits are configured correctly - CPU Share LevelVMwareCIS VMware ESXi 6.5 v1.0.0 Level 2