CCI|CCI-001749

Title

The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2013

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2.3 Ensure gpgcheck is globally activated - CA that is recognized and approved by the organization.	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.6 Ensure software packages have been digitally signed by a Certificate Authority (CA) - CA that is recognized and approved by the organization.	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.1.1 Audit system file permissions	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AOSX-09-000430 - The Security assessment policy subsystem must be enabled.	Unix	DISA STIG Apple Mac OSX 10.9 v1r2
AOSX-09-000710 - The system must allow only applications downloaded from the App Store to run.	Unix	DISA STIG Apple Mac OSX 10.9 v1r2
AOSX-10-000430 - The Security assessment policy subsystem must be enabled.	Unix	DISA STIG Apple Mac OSX 10.10 v1r5
AOSX-10-000710 - The system must allow only applications downloaded from the App Store to run.	Unix	DISA STIG Apple Mac OSX 10.10 v1r5
AOSX-11-000430 - The Security assessment policy subsystem must be enabled.	Unix	DISA STIG Apple Mac OSX 10.11 v1r6
AOSX-11-000710 - The system must allow only applications downloaded from the App Store to run. - AllowIdentifiedDevelopers	Unix	DISA STIG Apple Mac OSX 10.11 v1r6
AOSX-11-000710 - The system must allow only applications downloaded from the App Store to run. - EnableAssessment	Unix	DISA STIG Apple Mac OSX 10.11 v1r6
AOSX-12-000430 - The OS X system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.12 v1r6
AOSX-12-000710 - The OS X system must allow only applications downloaded from the App Store or properly signed to run - AllowIdentifiedDevelopers	Unix	DISA STIG Apple Mac OSX 10.12 v1r6
AOSX-12-000710 - The OS X system must allow only applications downloaded from the App Store or properly signed to run - EnableAssessment	Unix	DISA STIG Apple Mac OSX 10.12 v1r6
AOSX-13-000430 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-13-000430 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.13 v2r1
AOSX-13-000430 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications downloaded from the App Store or properly signed to run - AllowIdentifiedDevelopers	Unix	DISA STIG Apple Mac OSX 10.13 v2r1
AOSX-13-000710 - The macOS system must allow only applications downloaded from the App Store or properly signed to run - EnableAssessment	Unix	DISA STIG Apple Mac OSX 10.13 v2r1
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - AllowIdentifiedDevelopers	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - AllowIdentifiedDevelopers	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - EnableAssessment	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - EnableAssessment	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - SPApplicationsDataType	Unix	DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - SPApplicationsDataType	Unix	DISA STIG Apple Mac OSX 10.13 v2r3
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.14 v2r4
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.14 v2r5
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.14 v2r1
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.15 v1r10
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.15 v1r5
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.15 v1r7
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple Mac OSX 10.15 v1r3
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 11 v1r3
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 11 v1r6
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 11 v1r5
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 11 v1r1
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 11 v1r8
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 11 v1r7
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 12 v1r5
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 12 v1r4
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 12 v1r3
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 12 v1r8
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 12 V1R2
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 12 v1r7
APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 13 v1r2
APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 13 v1r4
APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 13 v1r1
APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled.	Unix	DISA STIG Apple macOS 13 v1r3
APPL-14-002060 - The macOS system must apply gatekeeper settings to block applications from unidentified developers.	Unix	DISA Apple macOS 14 (Sonoma) STIG v1r2

Detections

Analytics

CCI|CCI-001749

Title

Reference Item Details

Audit Items