800-53|SI-7(1)

Title

INTEGRITY CHECKS

Description

The information system performs an integrity check of [Assignment: organization-defined software, firmware, and information] [Selection (one or more): at startup; at [Assignment: organization-defined transitional states or security-relevant events]; [Assignment: organization-defined frequency]].

Supplemental

Security-relevant events include, for example, the identification of a new threat to which organizational information systems are susceptible, and the installation of new hardware, software, or firmware. Transitional states include, for example, system startup, restart, shutdown, and abort.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: MODERATE, HIGH

Audit Items

Name | Plugin | Audit Name
1.0 - The file permissions, ownership, and group membership of system files and commands must match the vendor values. | Unix | Tenable Fedora Linux Best Practices v2.0.0
1.2 - The cryptographic hash of system files and commands must match vendor values. | Unix | Tenable Fedora Linux Best Practices v2.0.0
1.3.2 Ensure 'Restrict legacy JScript execution for Office' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS CentOS 6 Server L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 16.04 LTS Workstation L1 v1.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS CentOS 6 Workstation L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Amazon Linux v2.1.0 L1
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Amazon Linux 2 v1.0.0 L1
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Oracle Linux 6 Workstation L1 v1.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Oracle Linux 6 Server L1 v1.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Red Hat 6 Server L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Red Hat 6 Workstation L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS SUSE Linux Enterprise Server 12 L1 v2.1.0
1.3.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
1.3.2 Implement Periodic Execution of File Integrity '/var/spool/cron/root - 0 5 * * * /usr/sbin/aide --check' | Unix | CIS Red Hat Enterprise Linux 5 L2 v2.2
1.4.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1
1.4.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1
1.4.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 20.04 LTS Server L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked | Unix | CIS Ubuntu Linux 20.04 LTS Workstation L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked - aidecheck.service status | Unix | CIS Oracle Linux 8 Server L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked - aidecheck.service status | Unix | CIS Oracle Linux 8 Workstation L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked - aidecheck.timer status | Unix | CIS Oracle Linux 8 Server L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked - aidecheck.timer status | Unix | CIS Oracle Linux 8 Workstation L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked - cron | Unix | CIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0
1.4.2 Ensure filesystem integrity is regularly checked - cron | Unix | CIS SUSE Linux Enterprise 15 Server L1 v1.0.0
1.89 Ensure 'Enable renderer code integrity' is set to 'Enabled' | Windows | CIS Microsoft Edge L1 v2.0.0
2.1.1.3.2.2 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.1.1.3.2.3 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.1.1.3.2.4 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.11.8.7.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.11.8.7.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.11.8.7.2.10 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.11.8.7.2.11 Ensure 'VBA Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher' | Windows | CIS Microsoft Office Enterprise v1.1.0 L1
2.030 - A file integrity tool must verify the baseline operating system configuration at least weekly - cron | Unix | Tenable Fedora Linux Best Practices v2.0.0
2.040 - Designated personnel must be notified if baseline configurations are changed in an unauthorized manner. | Unix | Tenable Fedora Linux Best Practices v2.0.0
10.12 Do not allow symbolic linking | Unix | CIS Apache Tomcat 9 L1 v1.2.0 Middleware
10.12 Do not allow symbolic linking | Unix | CIS Apache Tomcat 9 L1 v1.2.0
10.12 Do not allow symbolic linking | Unix | CIS Apache Tomcat 10 L1 v1.1.0
10.12 Do not allow symbolic linking | Unix | CIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 10 L1 v1.1.0
10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 9 L1 v1.2.0
10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 9 L1 v1.2.0 Middleware
11.4 Ensure Only the Necessary SELinux Booleans are Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
11.4 Ensure Only the Necessary SELinux Booleans are Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0