Detections
Analytics

CSCv6|2.2

Title

Deploy application whitelisting technology that allows systems to run software only if it is included on the whitelist.

Description

Deploy application whitelisting technology that allows systems to run software only if it is included on the whitelist and prevents execution of all other software on the system. The whitelist may be very extensive (as is available from commercial whitelist vendors), so that users are not inconvenienced when using common software. Or, for some special-purpose systems (which require only a small number of programs to achieve their needed business functionality), the whitelist may be quite narrow.

Reference Item Details

Category: Inventory of Authorized and Unauthorized Software

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2.2.2.1.2 Configure 'Turn off Search Companion content file updates'WindowsCIS Windows 2003 MS v3.1.0
1.2.2.2.1.2 Configure 'Turn off Search Companion content file updates'WindowsCIS Windows 2003 DC v3.1.0
1.2.2.2.1.4 Configure 'Turn off the Windows Messenger Customer Experience Improvement Program'WindowsCIS Windows 2003 MS v3.1.0
1.2.2.2.1.4 Configure 'Turn off the Windows Messenger Customer Experience Improvement Program'WindowsCIS Windows 2003 DC v3.1.0
1.2.2.2.1.5 Configure 'Turn off printing over HTTP'WindowsCIS Windows 2003 DC v3.1.0
1.2.2.2.1.5 Configure 'Turn off printing over HTTP'WindowsCIS Windows 2003 MS v3.1.0
1.2.3.1.5 Set 'Turn off the Windows Messenger Customer Experience Improvement Program' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.3.1.6 Set 'Turn off Search Companion content file updates' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.3.1.9 Set 'Turn off printing over HTTP' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.2.4.13 Configure 'Allow all trusted apps to install'WindowsCIS Windows 8 L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Server L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS Aliyun Linux 2 L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Server L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Server 12 L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux v2.0.0 L1
1.3.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixHuawei EulerOS 2 Workstation L1 v1.0
1.3.1 Ensure AIDE is installedUnixCIS Debian 9 Server L1 v1.0.1
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Server L1 v1.1.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Workstation L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.1 Ensure AIDE is installedUnixHuawei EulerOS 2 Server L1 v1.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Workstation L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Workstation L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Workstation L1 v1.1.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0
1.3.1 Ensure AIDE is installedUnixCIS Debian 9 Workstation L1 v1.0.1
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux v2.1.0 L1
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Server L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Server 11 L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Server L1 v3.0.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v1.1.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Ubuntu Linux 20.04 LTS Server L1 v1.1.0
1.3.1 Ensure AIDE is installed - aideUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
1.10 Ensure required packages for multifactor authentication are installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.11.4 Turn off printing over HTTPWindowsCIS Windows 2008 Enterprise v1.2.0
1.11.4 Turn off printing over HTTPWindowsCIS Windows 2008 SSLF v1.2.0
1.11.5 Turn off Search Companion content file updatesWindowsCIS Windows 2008 Enterprise v1.2.0
1.11.5 Turn off Search Companion content file updatesWindowsCIS Windows 2008 SSLF v1.2.0
1.11.6 Turn off the Windows Messenger Customer Experience Improvement ProgramWindowsCIS Windows 2008 Enterprise v1.2.0
1.11.6 Turn off the Windows Messenger Customer Experience Improvement ProgramWindowsCIS Windows 2008 SSLF v1.2.0
1.12 Ensure host-based intrusion detection tool is used - mcafeetp packageUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG