Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002314
CCI
CCI|CCI-002314
Title
Employ automated mechanisms to control remote access methods.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.11 UBTU-24-100300
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.12 UBTU-24-100310
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.46 UBTU-22-251010
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.47 UBTU-22-251015
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.162 RHEL-09-251010
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.163 RHEL-09-251015
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.302 OL08-00-040090
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.303 OL08-00-040100
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.304 OL08-00-040101
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
3.5.3.2.3 Ensure iptables rules exist for all open ports
Unix
CIS Amazon Linux 2 STIG v2.0.0 STIG
3.5.3.2.3 Ensure iptables rules exist for all open ports
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Server
3.5.3.2.3 Ensure iptables rules exist for all open ports
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation
3.5.3.2.3 Ensure iptables rules exist for all open ports - PPSM CLSA and vulnerability assessments.
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.1.1 Ensure ufw is installed
Unix
CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
4.1.1 Ensure ufw is installed
Unix
CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
4.1.2 Ensure ufw service is configured
Unix
CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Workstation
4.1.2 Ensure ufw service is configured
Unix
CIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
5.117 - Users must be prevented from connecting using Terminal Services.
Windows
DISA Windows Vista STIG v6r41
AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop.
MDM
MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop.
MDM
AirWatch - DISA Apple iOS 12 v2r1
AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.
MDM
AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.
MDM
MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop.
MDM
MobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 v2r2
AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop.
MDM
MobileIron - DISA Apple iOS/iPadOS 17 v2r2
AIOS-18-011000 - Apple iOS/iPadOS 18 must implement the management setting: disable Allow MailDrop.
MDM
AirWatch - DISA Apple iOS/iPadOS 18 v1r4
AIOS-18-011000 - Apple iOS/iPadOS 18 must implement the management setting: disable Allow MailDrop.
MDM
MobileIron - DISA Apple iOS/iPadOS 18 v1r4
AIX7-00-001137 - AIX must be able to control the ability of remote login for users.
Unix
DISA STIG AIX 7.x v3r1
ALMA-09-018720 - The firewalld service on AlmaLinux OS 9 must be active.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r3
ALMA-09-031700 - AlmaLinux OS 9 must have the firewalld package installed.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r3
AS24-U1-000670 - The Apache web server must restrict inbound connections from nonsecure zones.
Unix
DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware
AS24-U1-000670 - The Apache web server must restrict inbound connections from nonsecure zones.
Unix
DISA STIG Apache Server 2.4 Unix Server v3r2
AS24-W1-000670 - The Apache web server must restrict inbound connections from nonsecure zones.
Windows
DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000670 - The Apache web server must restrict inbound connections from nonsecure zones.
Windows
DISA STIG Apache Server 2.4 Windows Server v3r3
AS24-W2-000670 - The Apache web server must restrict inbound connections from nonsecure zones.
Windows
DISA STIG Apache Server 2.4 Windows Site v2r2
AZLX-23-001075 - Amazon Linux 2023 must have the firewalld package installed.
Unix
DISA Amazon Linux 2023 STIG v1r1
AZLX-23-001080 - Amazon Linux 2023 must have the firewalld servicew active.
Unix
DISA Amazon Linux 2023 STIG v1r1
Big Sur - Control remote access methods
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Control remote access methods
Unix
NIST macOS Catalina v1.5.0 - All Profiles
ESXI-06-200035 - The VMM must provide the capability to immediately disconnect or disable remote access to the information system by disabling SSH.
VMware
DISA STIG VMware vSphere 6.x ESXi v1r5
ESXI-67-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling SSH.
VMware
DISA STIG VMware vSphere 6.7 ESXi v1r3
ESXI-70-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).
VMware
DISA STIG VMware vSphere 7.0 ESXi v1r4
ESXI-80-000193 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).
VMware
DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware
ESXI-80-000193 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).
VMware
DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware
ESXi: esxi-8.deactivate-ssh
VMware
VMware vSphere Security Configuration and Hardening Guide
F5BI-AP-000153 - The BIG-IP APM module access policy profile must control remote access methods to virtual servers.
F5
DISA F5 BIG-IP Access Policy Manager STIG v2r4
F5BI-LT-000153 - The BIG-IP Core implementation providing intermediary services for remote access communications traffic must control remote access methods to virtual servers.
F5
DISA F5 BIG-IP Local Traffic Manager STIG v2r4
