CCI|CCI-001495

Title

Protect audit tools from unauthorized deletion.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-002025 - AIX audit tools must be owned by root.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002026 - AIX audit tools must be group-owned by audit.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002027 - AIX audit tools must be set to 4550 or less permissive.UnixDISA STIG AIX 7.x v3r1
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r8
APPL-11-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 11 v1r5
APPL-12-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 12 v1r9
APPL-13-005001 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple macOS 13 v1r4
APPL-14-000030 - The macOS system must configure audit log files to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-000031 - The macOS system must configure audit log folders to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001003 - The macOS system must enable security auditing.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001012 - The macOS system must configure audit log files to be owned by root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001013 - The macOS system must configure audit log folders to be owned by root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001014 - The macOS system must configure audit log files group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001015 - The macOS system must configure audit log folders group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001016 - The macOS system must configure audit log files to mode 440 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001017 - The macOS system must configure audit log folders to mode 700 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001020 - The macOS system must be configured to audit all deletions of object attributes.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001021 - The macOS system must be configured to audit all changes of object attributes.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001110 - The macOS system must configure audit_control group to wheel.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001120 - The macOS system must configure audit_control owner to root.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001130 - The macOS system must configure audit_control to mode 440 or less permissive.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-001140 - The macOS system must configure audit_control to not contain access control lists.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-000030 - The macOS system must configure audit log files to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001003 - The macOS system must enable security auditing.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001012 - The macOS system must configure audit log files to be owned by root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001013 - The macOS system must configure audit log folders to be owned by root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001014 - The macOS system must configure the audit log files group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001015 - The macOS system must configure the audit log folders group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001016 - The macOS system must configure audit log files to mode 440 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001017 - The macOS system must configure audit log folders to mode 700 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001020 - The macOS system must be configured to audit all deletions of object attributes.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001021 - The macOS system must be configured to audit all changes of object attributes.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001022 - The macOS system must be configured to audit all failed read actions on the system.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001023 - The macOS system must be configured to audit all failed write actions on the system.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001110 - The macOS system must configure audit_control group to wheel.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001120 - The macOS system must configure audit_control owner to root.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001130 - The macOS system must configure audit_control owner to mode 440 or less permissive.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-001140 - The macOS system must configure audit_control to not contain access control lists (ACLs).UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Ensure System Integrity Protection is EnabledUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High