CCI|CCI-000213

Title

Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.4.1 Ensure bootloader password is set - password efi grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password efi userUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password userUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers efiUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers grubUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.3 Ensure authentication required for single user modeUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers accountUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.008 - Local volumes are not formatted using NTFS.WindowsDISA Windows Vista STIG v6r41
3.027 - Printer share permissions are not configured as recommended.WindowsDISA Windows Vista STIG v6r41
APPL-14-000033 - The macOS system must disable FileVault automatic log on.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002001 - The macOS system must disable Server Message Block sharing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002003 - The macOS system must disable Network File System service.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002006 - The macOS system must disable Unix-to-Unix Copy Protocol service.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002008 - The macOS system must disable the built-in web server.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002009 - The macOS system must disable AirDrop.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002022 - The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002038 - The macOS system must disable Trivial File Transfer Protocol service.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002100 - The macOS system must disable Media Sharing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002110 - The macOS system must disable Bluetooth sharing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005058 - The macOS system must disable Handoff.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005070 - The macOS system must enable Authenticated Root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-000033 - The macOS system must disable FileVault automatic login.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002001 - The macOS system must disable Server Message Block (SMB) sharing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002003 - The macOS system must disable Network File System (NFS) service.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002008 - The macOS system must disable the built-in web server.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002009 - The macOS system must disable AirDrop.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002022 - The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002038 - The macOS system must disable Trivial File Transfer Protocol (TFTP) service.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002100 - The macOS system must disable Media Sharing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002110 - The macOS system must disable Bluetooth Sharing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005058 - The macOS system must disable Handoff.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005070 - The macOS system must enable Authenticated Root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_moduleUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocolUnixDISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions.UnixDISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_moduleWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngineWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocolWindowsDISA STIG Apache Server 2.4 Windows Site v2r1