CCI|CCI-001494

Title

Protect audit tools from unauthorized modification.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor valuesUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-002025 - AIX audit tools must be owned by root.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002026 - AIX audit tools must be group-owned by audit.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002027 - AIX audit tools must be set to 4550 or less permissive.UnixDISA STIG AIX 7.x v3r1
ALMA-09-056890 - AlmaLinux OS 9 must use cryptographic mechanisms to protect the integrity of audit tools.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r1
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 13 v1r5
APPL-14-000030 The macOS system must configure audit log files to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-000031 The macOS system must configure audit log folders to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001003 The macOS system must enable security auditing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001012 The macOS system must configure audit log files to be owned by root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001013 The macOS system must configure audit log folders to be owned by root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001014 The macOS system must configure audit log files group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001015 The macOS system must configure audit log folders group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001016 The macOS system must configure audit log files to mode 440 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001017 The macOS system must configure audit log folders to mode 700 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001020 The macOS system must be configured to audit all deletions of object attributes.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001021 The macOS system must be configured to audit all changes of object attributes.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001110 The macOS system must configure audit_control group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001120 The macOS system must configure audit_control owner to root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001130 The macOS system must configure audit_control to mode 440 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-001140 The macOS system must configure audit_control to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-005001 The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-15-000030 - The macOS system must configure audit log files to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001003 - The macOS system must enable security auditing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001012 - The macOS system must configure audit log files to be owned by root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001013 - The macOS system must configure audit log folders to be owned by root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001014 - The macOS system must configure the audit log files group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001015 - The macOS system must configure the audit log folders group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001016 - The macOS system must configure audit log files to mode 440 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001017 - The macOS system must configure audit log folders to mode 700 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001020 - The macOS system must be configured to audit all deletions of object attributes.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001021 - The macOS system must be configured to audit all changes of object attributes.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001022 - The macOS system must be configured to audit all failed read actions on the system.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001023 - The macOS system must be configured to audit all failed write actions on the system.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001110 - The macOS system must configure audit_control group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001120 - The macOS system must configure audit_control owner to root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001130 - The macOS system must configure audit_control owner to mode 440 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-001140 - The macOS system must configure audit_control to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r2
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253