CCI|CCI-000154

Title

Provide the capability to centrally review and analyze audit records from multiple components within the system.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events.UnixDISA STIG AIX 7.x v3r1
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 13 v1r4
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
AS24-W1-000700 - An Apache web server that is part of a web server cluster must route all remote management through a centrally managed access control point - mod_proxyWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000700 - An Apache web server that is part of a web server cluster must route all remote management through a centrally managed access control point - ProxyPassWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Ensure System Integrity Protection is EnabledUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker pathsUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker servicesUnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
ESXI-06-100004 - The VMM must support the capability to centrally review and analyze audit records from multiple components within the system by configuring remote logging.VMwareDISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-70-000004 - Remote logging for ESXi hosts must be configured.VMwareDISA STIG VMware vSphere 7.0 ESXi v1r2
EX13-CA-000055 - Exchange must have Queue monitoring configured with threshold and action.WindowsDISA Microsoft Exchange 2013 Client Access Server STIG v2r2
EX13-EG-000040 - Exchange Queue monitoring must be configured with threshold and action.WindowsDISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6
EX13-MB-000050 - Exchange Queue monitoring must be configured with threshold and action.WindowsDISA Microsoft Exchange 2013 Mailbox Server STIG v2r3
EX16-ED-000080 - Exchange Queue monitoring must be configured with threshold and action.WindowsDISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5
EX16-MB-000100 - Exchange Queue monitoring must be configured with threshold and action.WindowsDISA Microsoft Exchange 2016 Mailbox Server STIG v2r6
EX19-ED-000040 - Exchange queue monitoring must be configured with threshold and action.WindowsDISA Microsoft Exchange 2019 Edge Server STIG v2r1
EX19-MB-000048 - Exchange queue monitoring must be configured with threshold and action.WindowsDISA Microsoft Exchange 2019 Mailbox Server STIG v2r2
GOOG-12-002800 - Google Android 12 must be configured to enable audit logging.MDMAirWatch - DISA Google Android 12 COBO v1r2
GOOG-12-002800 - Google Android 12 must be configured to enable audit logging.MDMMobileIron - DISA Google Android 12 COPE v1r2
GOOG-12-002800 - Google Android 12 must be configured to enable audit logging.MDMMobileIron - DISA Google Android 12 COBO v1r2
GOOG-12-002800 - Google Android 12 must be configured to enable audit logging.MDMAirWatch - DISA Google Android 12 COPE v1r2
GOOG-13-002800 - Google Android 13 must be configured to enable audit logging.MDMAirWatch - DISA Google Android 13 COPE v2r1
GOOG-13-002800 - Google Android 13 must be configured to enable audit logging.MDMMobileIron - DISA Google Android 13 COBO v2r1
GOOG-13-002800 - Google Android 13 must be configured to enable audit logging.MDMMobileIron - DISA Google Android 13 COPE v2r1
GOOG-13-002800 - Google Android 13 must be configured to enable audit logging.MDMAirWatch - DISA Google Android 13 COBO v2r1
GOOG-14-002800 - Google Android 14 must be configured to enable audit logging.MDMMobileIron - DISA Google Android 14 COBO v2r1