CCI|CCI-000213

Title

Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.4.1 Ensure bootloader password is set - password efi grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password efi userUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password userUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers efiUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.3 Ensure authentication required for single user modeUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers accountUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.008 - Local volumes are not formatted using NTFS.WindowsDISA Windows Vista STIG v6r41
3.027 - Printer share permissions are not configured as recommended.WindowsDISA Windows Vista STIG v6r41
ALMA-09-006180 - AlmaLinux OS 9 must require authentication to access emergency mode.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-006290 - AlmaLinux OS 9 must require a boot loader password.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-006400 - AlmaLinux OS 9 must require a unique superuser's name upon booting into single-user and maintenance modes.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-006510 - AlmaLinux OS 9 must require authentication to access single-user mode.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r1
APPL-14-000033 The macOS system must disable FileVault automatic log on.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002001 The macOS system must disable Server Message Block sharing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002003 The macOS system must disable Network File System service.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002006 The macOS system must disable Unix-to-Unix Copy Protocol service.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002008 The macOS system must disable the built-in web server.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002009 The macOS system must disable AirDrop.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002022 The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002038 The macOS system must disable Trivial File Transfer Protocol service.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002050 The macOS system must disable Screen Sharing and Apple Remote Desktop.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002100 The macOS system must disable Media Sharing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-002110 The macOS system must disable Bluetooth sharing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-005001 The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-005058 The macOS system must disable Handoff.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-005070 The macOS system must enable Authenticated Root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-15-000033 - The macOS system must disable FileVault automatic login.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002001 - The macOS system must disable Server Message Block (SMB) sharing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002003 - The macOS system must disable Network File System (NFS) service.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002008 - The macOS system must disable the built-in web server.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002009 - The macOS system must disable AirDrop.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002022 - The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002038 - The macOS system must disable Trivial File Transfer Protocol (TFTP) service.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002100 - The macOS system must disable Media Sharing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-002110 - The macOS system must disable Bluetooth Sharing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-005058 - The macOS system must disable Handoff.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-005070 - The macOS system must enable Authenticated Root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions.UnixDISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v3r1