800-53|SI-7(1)

Title

INTEGRITY CHECKS

Description

The information system performs an integrity check of [Assignment: organization-defined software, firmware, and information] [Selection (one or more): at startup; at [Assignment: organization-defined transitional states or security-relevant events]; [Assignment: organization-defined frequency]].

Supplemental

Security-relevant events include, for example, the identification of a new threat to which organizational information systems are susceptible, and the installation of new hardware, software, or firmware. Transitional states include, for example, system startup, restart, shutdown, and abort.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.3.2 Ensure 'Restrict legacy JScript execution for Office' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Amazon Linux v2.1.0 L1
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checkedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
2.1.1.3.2.2 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.1.1.3.2.3 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.1.1.3.2.4 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.1.3 Ensure Allowlist violations are enabledUnixCIS IBM AIX 7 v1.0.0 L2
2.2.4.7.2.6 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.7 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.8 Ensure 'Macro Notification Settings' is set to 'Enabled: Disable VBA macros except digitally signed macros'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.9 Ensure 'Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.10 Ensure 'Prevent Excel from running XLM macros' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.11 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.2.4.7.2.12 Ensure 'Store macro in Personal Macro Workbook by default' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.3 Ensure regular scans for unauthorized applicationsUnixCIS IBM AIX 7 v1.0.0 L2
2.3.27.7 Ensure 'Automation Security' is set to 'Enabled: Disable Macros by default'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.5.10.6.1.3 Ensure 'Do not allow Outlook object model scripts to run for public folders' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.5.10.6.1.4 Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.5.14.3.2.1 Ensure 'Allow scripts in one-off Outlook forms' is set to 'Disabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.5.14.4.3 Ensure 'Security setting for macros' is set to 'Enabled: Warn for signed, disable unsigned'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.6.6.6.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.6.6.6.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.6.6.6.2.6 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.8.4.1.1 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.8.4.1.2 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.8.4.1.3 Ensure 'Require that application add-ins are signed by Trusted Publisher' to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.8.4.1.4 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.8.4.1.5 Ensure 'VBA Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.11.8.7.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.11.8.7.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.11.8.7.2.7 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.11.8.7.2.10 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.11.8.7.2.11 Ensure 'VBA Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
2.27 Ensure 'Http Allowlist' Is Properly ConfiguredWindowsCIS Google Chrome L1 v3.0.0
3.1 Set a nondeterministic Shutdown command valueUnixCIS Apache Tomcat 10 L1 v1.1.0
10.12 Do not allow symbolic linkingUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
10.12 Do not allow symbolic linkingUnixCIS Apache Tomcat 9 L1 v1.2.0
10.12 Do not allow symbolic linkingUnixCIS Apache Tomcat 10 L1 v1.1.0
10.12 Do not allow symbolic linkingUnixCIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.12 Do not allow symbolic linkingUnixCIS Apache Tomcat 10.1 v1.0.0 L1
10.14 Do not allow cross context requestsUnixCIS Apache Tomcat 10 L1 v1.1.0
10.14 Do not allow cross context requestsUnixCIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.14 Do not allow cross context requestsUnixCIS Apache Tomcat 10.1 v1.0.0 L1
10.14 Do not allow cross context requestsUnixCIS Apache Tomcat 9 L1 v1.2.0
10.14 Do not allow cross context requestsUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
11.4 Ensure Only the Necessary SELinux Booleans are EnabledUnixCIS Apache HTTP Server 2.4 L2 v2.1.0
11.4 Ensure Only the Necessary SELinux Booleans are EnabledUnixCIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is EnabledUnixCIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is EnabledUnixCIS Apache HTTP Server 2.4 L2 v2.1.0