CCI|CCI-001744

Title

The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2013

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.3.1 Ensure AIDE is installed	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.2 Ensure filesystem integrity is regularly checked - aide	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.2 Ensure filesystem integrity is regularly checked - cron	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.2 Ensure filesystem integrity is regularly checked - mail	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
Big Sur - Configure the System to Notify upon Baseline Configuration Changes	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Configure the System to Notify upon Baseline Configuration Changes	Unix	NIST macOS Catalina v1.5.0 - All Profiles
F5BI-DM-000211 - The BIG-IP appliance must be configured to implement automated security responses if baseline configurations are changed in an unauthorized manner.	F5	DISA F5 BIG-IP Device Management 11.x STIG v2r2
F5BI-DM-000211 - The BIG-IP appliance must be configured to implement automated security responses if baseline configurations are changed in an unauthorized manner.	F5	DISA F5 BIG-IP Device Management 11.x STIG v1r7
F5BI-DM-000211 - The BIG-IP appliance must be configured to implement automated security responses if baseline configurations are changed in an unauthorized manner.	F5	DISA F5 BIG-IP Device Management STIG v2r3
F5BI-DM-000211 - The BIG-IP appliance must be configured to implement automated security responses if baseline configurations are changed in an unauthorized manner.	F5	DISA F5 BIG-IP Device Management 11.x STIG v2r1
GEN000140 - A file integrity baseline must be created and maintained.	Unix	DISA STIG Solaris 10 SPARC v2r1
GEN000140 - A file integrity baseline must be created and maintained.	Unix	DISA STIG Solaris 10 X86 v2r2
GEN000140 - A file integrity baseline must be created and maintained.	Unix	DISA STIG Solaris 10 X86 v2r1
GEN000140 - A file integrity baseline must be created and maintained.	Unix	DISA STIG Solaris 10 SPARC v2r2
GEN000140 - A file integrity baseline must be created and maintained.	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN000140 - A file integrity baseline must be created and maintained.	Unix	DISA STIG Solaris 10 X86 v2r4
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - '/etc/aide.conf must exist'	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'cryptographic hash is used '	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'database location'	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000140-3 - A file integrity baseline including cryptographic hashes must be maintained - '/etc/aide.conf exists'	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000140-3 - A file integrity baseline including cryptographic hashes must be maintained - 'database has been configured'	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG Solaris 10 SPARC v2r2
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG Solaris 10 X86 v2r1
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG Solaris 10 X86 v2r2
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG Solaris 10 SPARC v2r1
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.	Unix	DISA STIG Solaris 10 X86 v2r4
GEN002260 - The system must be checked for extraneous device files at least weekly.	Unix	DISA STIG Solaris 10 SPARC v2r1
GEN002260 - The system must be checked for extraneous device files at least weekly.	Unix	DISA STIG Solaris 10 SPARC v2r2
GEN002260 - The system must be checked for extraneous device files at least weekly.	Unix	DISA STIG Solaris 10 X86 v2r2
GEN002260 - The system must be checked for extraneous device files at least weekly.	Unix	DISA STIG Solaris 10 X86 v2r4
GEN002260 - The system must be checked for extraneous device files at least weekly.	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN002260 - The system must be checked for extraneous device files at least weekly.	Unix	DISA STIG Solaris 10 X86 v2r1
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.	Unix	DISA STIG Solaris 10 SPARC v2r1
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.	Unix	DISA STIG Solaris 10 X86 v2r1
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.	Unix	DISA STIG Solaris 10 SPARC v2r2
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.	Unix	DISA STIG Solaris 10 X86 v2r2
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.	Unix	DISA STIG Solaris 10 X86 v2r4
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.	Unix	DISA STIG Solaris 10 SPARC v2r2
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.	Unix	DISA STIG Solaris 10 X86 v2r4
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.	Unix	DISA STIG Solaris 10 SPARC v2r1
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.	Unix	DISA STIG Solaris 10 X86 v2r2
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.	Unix	DISA STIG Solaris 10 X86 v2r1
Monterey - Configure the System to Notify upon Baseline Configuration Changes	Unix	NIST macOS Monterey v1.0.0 - All Profiles
OL07-00-020028 - The Oracle Linux operating system must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.	Unix	DISA Oracle Linux 7 STIG v2r11
OL07-00-020028 - The Oracle Linux operating system must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.	Unix	DISA Oracle Linux 7 STIG v2r12
OL07-00-020028 - The Oracle Linux operating system must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.	Unix	DISA Oracle Linux 7 STIG v2r13

Detections

Analytics

CCI|CCI-001744

Title

Reference Item Details

Audit Items