Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001764
CCI
CCI|CCI-001764
Title
Prevent program execution in accordance with organization-defined policies, rules of behavior, and/or access agreements regarding software program usage and restrictions; rules authorizing the terms and conditions of software program usage.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.1.7 Ensure noexec option set on /dev/shm partition - fstab
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.7 Ensure noexec option set on /dev/shm partition - mount
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.8 Ensure nodev option set on /dev/shm partition - fstab
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.8 Ensure nodev option set on /dev/shm partition - mount
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.9 Ensure nosuid option set on /dev/shm partition - fstab
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.9 Ensure nosuid option set on /dev/shm partition - mount
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.022 - Disallow AutoPlay/Autorun from Autorun.inf
Windows
DISA Windows Vista STIG v6r41
3.059 - The system is configured to autoplay removable media.
Windows
DISA Windows Vista STIG v6r41
AIOS-12-003600 - Apple iOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-003600 - Apple iOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-13-003600 - Apple iOS/iPadOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-003600 - Apple iOS/iPadOS must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIX7-00-003025 - AIX must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.
Unix
DISA STIG AIX 7.x v3r1
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Parental Controls
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enable Parental Controls
Unix
NIST macOS Catalina v1.5.0 - 800-171
CNTR-R2-000550 Rancher RKE2 must be configured with only essential configurations.
Unix
DISA Rancher Government Solutions RKE2 STIG v2r2
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DTOO210 - Excel - Pre-release versions of file formats new to Office Products must be blocked.
Windows
DISA STIG Office 2010 Excel v1r11
DTOO210 - PowerPoint - Pre-release versions of file formats new to Office Products must be blocked.
Windows
DISA STIG Office 2010 PowerPoint v1r11
DTOO210 - The opening of pre-release versions of file formats new to Excel 2013 through the Compatibility Pack for Office 2013 and Excel 2013 Converter must be blocked.
Windows
DISA STIG Microsoft Excel 2013 v1r8
DTOO210 - The opening of pre-release versions of file formats new to PowerPoint 2013 through the Compatibility Pack for Office 2013 and PowerPoint 2013 Converter must be blocked.
Windows
DISA STIG Microsoft PowerPoint 2013 v1r7
DTOO210 - Word - Pre-release versions of file formats new to Office Products must be blocked.
Windows
DISA STIG Office 2010 Word v1r12
GEN002420 - Removable media, remote file systems, and any file system that does not contain approved setuid files must be mounted with the 'nosuid' option - /etc/vfstab
Unix
DISA STIG Solaris 10 X86 v2r4
GEN002420 - Removable media, remote file systems, and any file system that does not contain approved setuid files must be mounted with the 'nosuid' option - /etc/vfstab
Unix
DISA STIG Solaris 10 SPARC v2r4
GEN002420 - Removable media, remote file systems, and any file system that does not contain approved setuid files must be mounted with the 'nosuid' option - zfs get
Unix
DISA STIG Solaris 10 X86 v2r4
GEN002420 - Removable media, remote file systems, and any file system that does not contain approved setuid files must be mounted with the 'nosuid' option - zfs get
Unix
DISA STIG Solaris 10 SPARC v2r4
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - All Profiles
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - 800-171
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Enable Parental Controls
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
OL07-00-021024 - The Oracle Linux operating system must mount /dev/shm with secure options.
Unix
DISA Oracle Linux 7 STIG v3r1
OL08-00-040120 - OL 8 must mount '/dev/shm' with the 'nodev' option.
Unix
DISA Oracle Linux 8 STIG v2r2
OL08-00-040121 - OL 8 must mount '/dev/shm' with the 'nosuid' option.
Unix
DISA Oracle Linux 8 STIG v2r2