CCI|CCI-000213

Title

Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.4.1 Ensure bootloader password is set - password efi grub	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password efi user	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password grub	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - password user	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers efi	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.1 Ensure bootloader password is set - superusers grub	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.3 Ensure authentication required for single user mode	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance.	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.480 - systems prior to version 7.2 with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - password	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.480 - systems prior to version 7.2 with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - superusers	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.481 - The system must require authentication upon booting into single-user and maintenance modes.	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.482 - systems version 7.2 or newer with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - password	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.482 - systems version 7.2 or newer with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - superusers	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.490 - systems prior to version 7.2 using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - password	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.490 - systems prior to version 7.2 using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - superusers	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.491 - systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - password	Unix	Tenable Fedora Linux Best Practices v2.0.0
1.491 - systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - superusers	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.008 - Local volumes are not formatted using NTFS.	Windows	DISA Windows Vista STIG v6r41
2.008 - Local volumes are not formatted using NTFS.	Windows	DISA Windows Server 2008 DC STIG v6r47
2.008 - Local volumes are not formatted using NTFS.	Windows	DISA Windows Server 2008 MS STIG v6r46
2.008 - Local volumes must be formatted using NTFS.	Windows	DISA Windows 7 STIG v1r32
2.008 - Local volumes will be formatted using NTFS.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
2.008 - Local volumes will be formatted using NTFS.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
3.027 - Non-administrative user accounts or groups will only have print permissions of Printer Shares.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
3.027 - Non-administrative user accounts or groups will only have print permissions of Printer Shares.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
3.027 - Printer share permissions are not configured as recommended.	Windows	DISA Windows Server 2008 DC STIG v6r47
3.027 - Printer share permissions are not configured as recommended.	Windows	DISA Windows Server 2008 MS STIG v6r46
3.027 - Printer share permissions are not configured as recommended.	Windows	DISA Windows Vista STIG v6r41
3.027 - Printer share permissions must be restricted to Print for non administrators.	Windows	DISA Windows 7 STIG v1r32
APPL-14-000033 - The macOS system must disable FileVault automatic log on.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-000080 - The macOS system must enable SSH server for remote access sessions.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002001 - The macOS system must disable Server Message Block sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002003 - The macOS system must disable Network File System service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002006 - The macOS system must disable Unix-to-Unix Copy Protocol service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002008 - The macOS system must disable the built-in web server.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002009 - The macOS system must disable AirDrop.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002022 - The macOS system must disable Remote Apple Events.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002038 - The macOS system must disable Trivial File Transfer Protocol service.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002100 - The macOS system must disable Media Sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-002110 - The macOS system must disable Bluetooth sharing.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-005058 - The macOS system must disable Handoff.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
APPL-14-005070 - The macOS system must enable Authenticated Root.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v2r6
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v2r3
AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions - SSLProtocol	Unix	DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware

Detections

Analytics

CCI|CCI-000213

Title

Reference Item Details

Audit Items