Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001749
CCI
CCI|CCI-001749
Title
The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.2.3 Ensure gpgcheck is globally activated - CA that is recognized and approved by the organization.
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.6 Ensure software packages have been digitally signed by a Certificate Authority (CA) - CA that is recognized and approved by the organization.
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.1.1 Audit system file permissions
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AOSX-13-000430 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - AllowIdentifiedDevelopers
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - EnableAssessment
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - SPApplicationsDataType
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 11 v1r5
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 11 v1r8
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 12 v1r9
APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 13 v1r4
APPL-14-002060 - The macOS system must apply gatekeeper settings to block applications from unidentified developers.
Unix
DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-002064 - The macOS system must enable Gatekeeper.
Unix
DISA Apple macOS 14 (Sonoma) STIG v2r2
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-171
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - All Profiles
CNTR-R2-000460 Rancher RKE2 must be built from verified packages.
Unix
DISA Rancher Government Solutions RKE2 STIG v2r2
DKER-EE-001770 - Docker Incs official GPG key must be added to the host using the users operating systems respective package repository management tooling.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix v2r2
DTAVSEL-201 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source.
Unix
McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5
DTAVSEL-201 - The McAfee VirusScan Enterprise must be configured to receive all patches, service packs and updates from a DoD-managed source.
Unix
McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6
DTBI370-IE11 - Checking for signatures on downloaded programs must be enforced.
Windows
DISA STIG IE 11 v2r5
DTOO127 - Access - Application add-ins must be signed by Trusted Publisher.
Windows
DISA STIG Office 2010 Access v1r11
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher
Windows
DISA STIG Microsoft Office Access 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher
Windows
DISA STIG Microsoft Publisher 2016 v1r3
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Access 2013 v1r7
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Project 2013 v1r5
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Excel 2016 v2r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft PowerPoint 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Visio 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft PowerPoint 2013 v1r7
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Visio 2013 v1r5
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Word 2013 v1r7
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Project 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Excel 2013 v1r8
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Word 2016 v1r1