Detections
Analytics

CCI|CCI-002385

Title

The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.097 - The system is configured for a greater keep-alive time than recommended.WindowsDISA Windows 7 STIG v1r32
3.097 - The system is configured for a greater keep-alive time than recommended.WindowsDISA Windows Server 2008 DC STIG v6r47
3.097 - The system is configured for a greater keep-alive time than recommended.WindowsDISA Windows Server 2008 MS STIG v6r46
3.097 - The system is configured for a greater keep-alive time than recommended.WindowsDISA Windows Vista STIG v6r41
3.097 - The system will be configured to limit how often keep-alive packets are sent.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
3.097 - The system will be configured to limit how often keep-alive packets are sent.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.WindowsDISA Windows Vista STIG v6r41
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.WindowsDISA Windows Server 2008 MS STIG v6r46
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.WindowsDISA Windows 7 STIG v1r32
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.WindowsDISA Windows Server 2008 DC STIG v6r47
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
3.104 - The system is configured to detect and configure default gateway addresses.WindowsDISA Windows 7 STIG v1r32
3.104 - The system is configured to detect and configure default gateway addresses.WindowsDISA Windows Server 2008 MS STIG v6r46
3.104 - The system is configured to detect and configure default gateway addresses.WindowsDISA Windows Vista STIG v6r41
3.104 - The system is configured to detect and configure default gateway addresses.WindowsDISA Windows Server 2008 DC STIG v6r47
3.104 - The system will be configured to disable the Internet Router Discover Protocol (IRDP).WindowsDISA Windows Server 2008 R2 MS STIG v1r33
3.104 - The system will be configured to disable the Internet Router Discover Protocol (IRDP).WindowsDISA Windows Server 2008 R2 DC STIG v1r34
3.156 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
3.156 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
3.156 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.WindowsDISA Windows 7 STIG v1r32
4.510 - The system must protect against or limit the effects of Denial of Service (DoS) attacks by validating the operating system is implementing rate-limiting measures on impacted network interfaces - sysctlUnixTenable Fedora Linux Best Practices v2.0.0
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.WindowsDISA Windows Server 2008 DC STIG v6r47
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.WindowsDISA Windows Vista STIG v6r41
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.WindowsDISA Windows Server 2008 MS STIG v6r46
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.WindowsDISA Windows 7 STIG v1r32
5.239 - Disable heap termination on corruption in Windows Explorer.WindowsDISA Windows 7 STIG v1r32
5.239 - Windows Explorer - Heap TerminationWindowsDISA Windows Vista STIG v6r41
5.239 - Windows Explorer - Heap TerminationWindowsDISA Windows Server 2008 DC STIG v6r47
5.239 - Windows Explorer - Heap TerminationWindowsDISA Windows Server 2008 MS STIG v6r46
5.239 - Windows Explorer heap termination on corruption will be disabled.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
5.239 - Windows Explorer heap termination on corruption will be disabled.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfacesUnixDISA STIG AIX 7.x v2r8
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfacesUnixDISA STIG AIX 7.x v2r9
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_coreUnixDISA STIG AIX 7.x v2r3
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_coreUnixDISA STIG AIX 7.x v2r5
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_coreUnixDISA STIG AIX 7.x v2r1
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_coreUnixDISA STIG AIX 7.x v2r6
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_connsUnixDISA STIG AIX 7.x v2r5
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_connsUnixDISA STIG AIX 7.x v2r3
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_connsUnixDISA STIG AIX 7.x v2r1
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_connsUnixDISA STIG AIX 7.x v2r6
AMLS-L3-000260 - Arista MLS must ensure all eBGP routers are configured to use GTSM or are configured to meet RFC3682.AristaDISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000260 - The Arista Multilayer Switch must ensure all Exterior Border Gateway Protocol (eBGP) routers are configured to use Generalized TTL Security Mechanism (GTSM) or are configured to meet RFC3682.AristaDISA STIG Arista MLS DCS-7000 Series RTR v1r3
ARST-L2-000030 - The Arista MLS layer 2 switch must be configured for Storm Control to limit the effects of packet flooding types of denial-of-service (DoS) attacks.AristaDISA STIG Arista MLS EOS 4.2x L2S v1r1
ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts.AristaDISA STIG Arista MLS EOS 4.2x L2S v1r1
ARST-L2-000060 - The Arista MLS layer 2 switch must have BPDU Guard enabled on all switch ports connecting to access layer switches and hosts.AristaDISA STIG Arista MLS EOS 4.2x L2S v1r1
ARST-L2-000070 - The Arista MLS switch must have STP Loop Guard enabled on all nondesignated STP switch ports.AristaDISA STIG Arista MLS EOS 4.2x L2S v1r1