Detections
Analytics

CSCv6|5.1

Title

Minimize administrative privileges and only use administrative accounts when they are required.

Description

Minimize administrative privileges and only use administrative accounts when they are required. Implement focused auditing on the use of administrative privileged functions and monitor for anomalous behavior.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Ensure a separate user and group exist for Cassandra - groupUnixCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - groupUnixCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - passwdUnixCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - passwdUnixCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - user exists in groupUnixCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - user exists in groupUnixCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountWindowsCIS Microsoft SharePoint 2016 OS v1.0.0
1.1.1 Ensure that the API server pod specification file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.1 Ensure that the API server pod specification file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.1 Ensure that the API server pod specification file permissions are set to 644 or more restrictiveUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.2 Ensure only trusted users are allowed to control Docker daemonUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.2.1 Set 'Audit Policy: Privilege Use: Sensitive Privilege Use' to 'Success and Failure'WindowsCIS Windows 8 L1 v1.0.0
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.12 Ensure that the admission control policy is set to SecurityContextDenyUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.13 Ensure that the admin.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.13 Ensure that the admin.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.13 Ensure that the admin.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.13 Ensure that the admission control plugin SecurityContextDeny is setUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.13 Ensure that the admission control plugin SecurityContextDeny is setUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.13 Ensure that the admission control plugin SecurityContextDeny is setUnixCIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.14 Ensure that the admin.conf file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:rootUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.14 Ensure that the admission control policy is set to SecurityContextDenyUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.15 Ensure that the scheduler.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.15 Ensure that the scheduler.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.15 Ensure that the scheduler.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:rootUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:rootUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.5.1 L1
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictiveUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictiveUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600UnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master