CCI|CCI-000213

Title

Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.4.1 Ensure bootloader password is set - password efi grub	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password efi user	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password grub	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password user	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers efi	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers grub	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.3 Ensure authentication required for single user mode	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance.	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.008 - Local volumes are not formatted using NTFS.	Windows	DISA Windows Vista STIG v6r41
3.027 - Printer share permissions are not configured as recommended.	Windows	DISA Windows Vista STIG v6r41
APPL-14-000033 - The macOS system must disable FileVault automatic log on.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-000080 - The macOS system must enable SSH server for remote access sessions.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002001 - The macOS system must disable Server Message Block sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002003 - The macOS system must disable Network File System service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002006 - The macOS system must disable Unix-to-Unix Copy Protocol service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002008 - The macOS system must disable the built-in web server.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002009 - The macOS system must disable AirDrop.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002022 - The macOS system must disable Remote Apple Events.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002038 - The macOS system must disable Trivial File Transfer Protocol service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002100 - The macOS system must disable Media Sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-002110 - The macOS system must disable Bluetooth sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-005058 - The macOS system must disable Handoff.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-005070 - The macOS system must enable Authenticated Root.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-15-000033 - The macOS system must disable FileVault automatic login.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002001 - The macOS system must disable Server Message Block (SMB) sharing.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002003 - The macOS system must disable Network File System (NFS) service.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002008 - The macOS system must disable the built-in web server.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002009 - The macOS system must disable AirDrop.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002022 - The macOS system must disable Remote Apple Events.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002038 - The macOS system must disable Trivial File Transfer Protocol (TFTP) service.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002100 - The macOS system must disable Media Sharing.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-002110 - The macOS system must disable Bluetooth Sharing.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005058 - The macOS system must disable Handoff.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005070 - The macOS system must enable Authenticated Root.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - ssl_module	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions.	Unix	DISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.	Unix	DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module	Windows	DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocol	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocol	Windows	DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine	Windows	DISA STIG Apache Server 2.4 Windows Site v2r1

Detections

Analytics

CCI|CCI-000213

Title

Reference Item Details

Audit Items