CCI|CCI-001494

Title

Protect audit tools from unauthorized modification.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor valuesUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-002025 - AIX audit tools must be owned by root.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002026 - AIX audit tools must be group-owned by audit.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002027 - AIX audit tools must be set to 4550 or less permissive.UnixDISA STIG AIX 7.x v3r1
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 13 v1r4
APPL-14-000030 - The macOS system must configure audit log files to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-000031 - The macOS system must configure audit log folders to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001003 - The macOS system must enable security auditing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001012 - The macOS system must configure audit log files to be owned by root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001013 - The macOS system must configure audit log folders to be owned by root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001014 - The macOS system must configure audit log files group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001015 - The macOS system must configure audit log folders group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001016 - The macOS system must configure audit log files to mode 440 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001017 - The macOS system must configure audit log folders to mode 700 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001020 - The macOS system must be configured to audit all deletions of object attributes.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001021 - The macOS system must be configured to audit all changes of object attributes.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001110 - The macOS system must configure audit_control group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001120 - The macOS system must configure audit_control owner to root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001130 - The macOS system must configure audit_control to mode 440 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001140 - The macOS system must configure audit_control to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-000030 - The macOS system must configure audit log files to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001003 - The macOS system must enable security auditing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001012 - The macOS system must configure audit log files to be owned by root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001013 - The macOS system must configure audit log folders to be owned by root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001014 - The macOS system must configure the audit log files group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001015 - The macOS system must configure the audit log folders group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001016 - The macOS system must configure audit log files to mode 440 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001017 - The macOS system must configure audit log folders to mode 700 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001020 - The macOS system must be configured to audit all deletions of object attributes.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001021 - The macOS system must be configured to audit all changes of object attributes.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001022 - The macOS system must be configured to audit all failed read actions on the system.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001023 - The macOS system must be configured to audit all failed write actions on the system.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001110 - The macOS system must configure audit_control group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001120 - The macOS system must configure audit_control owner to root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001130 - The macOS system must configure audit_control owner to mode 440 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001140 - The macOS system must configure audit_control to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-171