Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001190
CCI
CCI|CCI-001190
Title
Fail to an organization-defined known-system state for the following failures on the indicated components while preserving organization-defined system state information in failure.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
AS24-U1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware
AS24-U1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG Apache Server 2.4 Unix Server v3r1
AS24-U2-000540 - The Apache web server must augment re-creation to a stable and known baseline.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000540 - The Apache web server must augment re-creation to a stable and known baseline.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Windows
DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Windows
DISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000540 - The Apache web server must augment re-creation to a stable and known baseline.
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000560 - The Apache web server must be configured to provide clustering - mod_proxy
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000560 - The Apache web server must be configured to provide clustering - ProxyPass
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Catalina v1.5.0 - All Profiles
FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly - av-failopen
FortiGate
DISA Fortigate Firewall STIG v1r3
FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly - av-failopen-session
FortiGate
DISA Fortigate Firewall STIG v1r3
FNFG-FW-000090 - The FortiGate firewall must fail to a secure state if the firewall filtering functions fail unexpectedly - fail-open
FortiGate
DISA Fortigate Firewall STIG v1r3
IIST-SV-000136 - The IIS 10.0 web server must augment re-creation to a stable and known baseline.
Windows
DISA IIS 10.0 Server v3r2
IIST-SV-000136 - The IIS 10.0 web server must augment re-creation to a stable and known baseline.
Windows
DISA IIS 10.0 Server v2r10
IISW-SV-000136 - The IIS 8.5 web server must augment re-creation to a stable and known baseline.
Windows
DISA IIS 8.5 Server v2r7
MADB-10-005000 - MariaDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.
MySQLDB
DISA MariaDB Enterprise 10.x v2r2 DB
MD3X-00-000420 - MongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-000800 - MongoDB must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails
Unix
NIST macOS Monterey v1.0.0 - All Profiles
SYMP-AG-000510 - Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions.
BlueCoat
DISA Symantec ProxySG Benchmark ALG v1r3
TCAT-AS-000860 - Clusters must operate on a trusted network.
Unix
DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware
UBTU-18-010505 - Kernel core dumps must be disabled unless needed.
Unix
DISA STIG Ubuntu 18.04 LTS v2r15
UBTU-20-010413 - The Ubuntu operating system must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.
Unix
DISA STIG Ubuntu 20.04 LTS v2r1
UBTU-22-213015 - Ubuntu 22.04 LTS must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.
Unix
DISA STIG Canonical Ubuntu 22.04 LTS v2r2
VCEM-67-000018 - ESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-70-000018 - ESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2
VCLU-70-000018 - Lookup Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 7.0 Lookup Service v1r2
VCLU-80-000062 The vCenter Lookup service must be configured to fail to a known safe state if system initialization fails.
Unix
DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1
VCPF-67-000017 - Performance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3
VCPF-70-000018 - Performance Charts must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1
VCPF-80-000062 The vCenter Perfcharts service must be configured to fail to a known safe state if system initialization fails.
Unix
DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1
VCST-67-000018 - The Security Token Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 6.7 STS Tomcat v1r3
VCST-70-000018 - The Security Token Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 7.0 STS Tomcat v1r2
VCST-80-000062 The vCenter STS service must be configured to fail to a known safe state if system initialization fails.
Unix
DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1
VCUI-67-000017 - vSphere UI must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 6.7 UI Tomcat v1r3
VCUI-70-000019 - vSphere UI must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Unix
DISA STIG VMware vSphere 7.0 vCA UI v1r2
VCUI-80-000062 The vCenter UI service must be configured to fail to a known safe state if system initialization fails.
Unix
DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1
WBLC-08-000229 - Oracle WebLogic must be configured to perform complete application deployments.
Unix
Oracle WebLogic Server 12c Linux v2r1
WBLC-08-000229 - Oracle WebLogic must be configured to perform complete application deployments.
Unix
Oracle WebLogic Server 12c Linux v2r1 Middleware
WBLC-08-000229 - Oracle WebLogic must be configured to perform complete application deployments.
Windows
Oracle WebLogic Server 12c Windows v2r1
WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters.
Unix
DISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters.
Unix
DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware