Detections
Analytics

CCI|CCI-000382

Title

Configure the system to prohibit or restrict the use of organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.50 UBTU-22-251030UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.75 APPL-14-002022UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.76 UBTU-24-300041UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.162 RHEL-09-251010UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.163 RHEL-09-251015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.166 RHEL-09-251035UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.172 RHEL-09-252025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.173 RHEL-09-252030UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.299 OL08-00-040030UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
3.5.3.2.3 Ensure iptables rules exist for all open portsUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
3.5.3.2.3 Ensure iptables rules exist for all open portsUnixCIS Amazon Linux 2 STIG v2.0.0 L1 Server
3.5.3.2.3 Ensure iptables rules exist for all open portsUnixCIS Amazon Linux 2 STIG v2.0.0 L1 Workstation
3.5.3.2.3 Ensure iptables rules exist for all open ports - PPSM CLSA and vulnerability assessments.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.4 Ensure ufw outgoing default is configuredUnixCIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Server
4.1.4 Ensure ufw outgoing default is configuredUnixCIS Debian Linux 13 v1.0.0 L2 Workstation
4.1.4 Ensure ufw outgoing default is configuredUnixCIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Workstation
4.1.4 Ensure ufw outgoing default is configuredUnixCIS Debian Linux 13 v1.0.0 L2 Server
4.1.5 Ensure ufw routed default is configuredUnixCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
4.1.5 Ensure ufw routed default is configuredUnixCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
4.1.5 Ensure ufw routed default is configuredUnixCIS Debian Linux 13 v1.0.0 L1 Server
4.1.5 Ensure ufw routed default is configuredUnixCIS Debian Linux 13 v1.0.0 L1 Workstation
AIX7-00-003088 - If Stream Control Transmission Protocol (SCTP) must be disabled on AIX.UnixDISA STIG AIX 7.x v3r1
AIX7-00-003089 - The Reliable Datagram Sockets (RDS) protocol must be disabled on AIX.UnixDISA STIG AIX 7.x v3r1
ALMA-09-018720 - The firewalld service on AlmaLinux OS 9 must be active.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-031700 - AlmaLinux OS 9 must have the firewalld package installed.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
AMLS-NM-000210 - The Arista Multilayer Switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.AristaDISA STIG Arista MLS DCS-7000 Series NDM v1r4
AOSX-13-000530 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000975 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple Mac OSX 10.15 v1r10
AOSX-15-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 12 v1r9
APPL-12-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 13 v1r5
APPL-13-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 13 v1r5
APPL-14-002022 - The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-002022 - The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 15 Sequoia STIG v1r5
APPL-26-002022 - The macOS system must disable Remote Apple Events.UnixDISA Apple macOS 26 Tahoe STIG v1r1
ARST-ND-000340 - The Arista network device must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services.AristaDISA Arista MLS EOS 4.X NDM STIG v2r2
ARST-ND-000340 - The Arista network device must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services.AristaDISA STIG Arista MLS EOS 4.2x NDM v2r1
AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port.UnixDISA STIG Apache Server 2.4 Unix Server v3r2
AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port.UnixDISA STIG Apache Server 2.4 Unix Server v3r2 Middleware
AS24-U2-000360 - The Apache web server must be configured to use a specified IP address and port.UnixDISA STIG Apache Server 2.4 Unix Site v2r6
AS24-U2-000360 - The Apache web server must be configured to use a specified IP address and port.UnixDISA STIG Apache Server 2.4 Unix Site v2r6 Middleware
AS24-W1-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port OnlyWindowsDISA STIG Apache Server 2.4 Windows Server v3r3