CCI|CCI-001764

Title

Prevent program execution in accordance with organization-defined policies, rules of behavior, and/or access agreements regarding software program usage and restrictions; rules authorizing the terms and conditions of software program usage.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.7 Ensure noexec option set on /dev/shm partition - fstab	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.7 Ensure noexec option set on /dev/shm partition - mount	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.8 Ensure nodev option set on /dev/shm partition - fstab	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.8 Ensure nodev option set on /dev/shm partition - mount	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.9 Ensure nosuid option set on /dev/shm partition - fstab	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.9 Ensure nosuid option set on /dev/shm partition - mount	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.022 - Disallow AutoPlay/Autorun from Autorun.inf	Windows	DISA Windows Vista STIG v6r41
AIX7-00-003025 - AIX must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.	Unix	DISA STIG AIX 7.x v3r1
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Parental Controls	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enable Parental Controls	Unix	NIST macOS Catalina v1.5.0 - 800-171
DTOO210 - Excel - Pre-release versions of file formats new to Office Products must be blocked.	Windows	DISA STIG Office 2010 Excel v1r11
DTOO210 - The opening of pre-release versions of file formats new to Excel 2013 through the Compatibility Pack for Office 2013 and Excel 2013 Converter must be blocked.	Windows	DISA STIG Microsoft Excel 2013 v1r8
DTOO210 - The opening of pre-release versions of file formats new to PowerPoint 2013 through the Compatibility Pack for Office 2013 and PowerPoint 2013 Converter must be blocked.	Windows	DISA STIG Microsoft PowerPoint 2013 v1r7
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - All Profiles
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - 800-171
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Enable Parental Controls	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
OL07-00-021024 - The Oracle Linux operating system must mount /dev/shm with secure options.	Unix	DISA Oracle Linux 7 STIG v3r1
OL08-00-040120 - OL 8 must mount '/dev/shm' with the 'nodev' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040121 - OL 8 must mount '/dev/shm' with the 'nosuid' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040122 - OL 8 must mount '/dev/shm' with the 'noexec' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040123 - OL 8 must mount '/tmp' with the 'nodev' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040124 - OL 8 must mount '/tmp' with the 'nosuid' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040125 - OL 8 must mount '/tmp' with the 'noexec' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040126 - OL 8 must mount '/var/log' with the 'nodev' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040127 - OL 8 must mount '/var/log' with the 'nosuid' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040128 - OL 8 must mount '/var/log' with the 'noexec' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040129 - OL 8 must mount '/var/log/audit' with the 'nodev' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040130 - OL 8 must mount '/var/log/audit' with the 'nosuid' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040131 - OL 8 must mount '/var/log/audit' with the 'noexec' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040132 - OL 8 must mount '/var/tmp' with the 'nodev' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040133 - OL 8 must mount '/var/tmp' with the 'nosuid' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040134 - OL 8 must mount '/var/tmp' with the 'noexec' option.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040135 - The OL 8 'fapolicy' module must be installed.	Unix	DISA Oracle Linux 8 STIG v2r2
OL08-00-040136 - The OL 8 'fapolicy' module must be enabled.	Unix	DISA Oracle Linux 8 STIG v2r2

Detections

Analytics

CCI|CCI-001764

Title

Reference Item Details

Audit Items