Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001764
CCI
CCI|CCI-001764
Title
Prevent program execution in accordance with organization-defined policies, rules of behavior, and/or access agreements regarding software program usage and restrictions; rules authorizing the terms and conditions of software program usage.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.1.7 Ensure noexec option set on /dev/shm partition - fstab
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.7 Ensure noexec option set on /dev/shm partition - mount
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.8 Ensure nodev option set on /dev/shm partition - fstab
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.8 Ensure nodev option set on /dev/shm partition - mount
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.9 Ensure nosuid option set on /dev/shm partition - fstab
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.9 Ensure nosuid option set on /dev/shm partition - mount
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.022 - Disallow AutoPlay/Autorun from Autorun.inf
Windows
DISA Windows Vista STIG v6r41
3.059 - The system is configured to autoplay removable media.
Windows
DISA Windows Vista STIG v6r41
AIOS-12-003600 - Apple iOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-003600 - Apple iOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-13-003600 - Apple iOS/iPadOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-003600 - Apple iOS/iPadOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIX7-00-003025 - AIX must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.
Unix
DISA STIG AIX 7.x v3r1
ALMA-09-025980 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on file systems that contain user home directories.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026090 - AlmaLinux OS 9 must prevent device files from being interpreted on file systems that contain user home directories.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026200 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026310 - AlmaLinux OS 9 must mount /boot with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026420 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on the /boot directory.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026530 - AlmaLinux OS 9 must mount /dev/shm with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026640 - AlmaLinux OS 9 must mount /dev/shm with the noexec option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026750 - AlmaLinux OS 9 must mount /dev/shm with the nosuid option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026860 - AlmaLinux OS 9 must mount /tmp with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-026970 - AlmaLinux OS 9 must mount /tmp with the noexec option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027080 - AlmaLinux OS 9 must mount /tmp with the nosuid option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027190 - AlmaLinux OS 9 must mount /var/log/audit with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027300 - AlmaLinux OS 9 must mount /var/log/audit with the noexec option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027410 - AlmaLinux OS 9 must mount /var/log/audit with the nosuid option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027520 - AlmaLinux OS 9 must mount /var/log with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027630 - AlmaLinux OS 9 must mount /var/log with the noexec option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027740 - AlmaLinux OS 9 must mount /var/log with the nosuid option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027850 - AlmaLinux OS 9 must mount /var with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-027960 - AlmaLinux OS 9 must mount /var/tmp with the nodev option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-028070 - AlmaLinux OS 9 must mount /var/tmp with the noexec option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
ALMA-09-028180 - AlmaLinux OS 9 must mount /var/tmp with the nosuid option.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r1
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-171
CNTR-R2-000550 Rancher RKE2 must be configured with only essential configurations.
Unix
DISA Rancher Government Solutions RKE2 STIG v2r2
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2