CSCv7|1.7

Title

Deploy Port Level Access Control

Description

Utilize port level access control, following 802.1x standards, to control which devices can authenticate to the network. The authentication system shall be tied into the hardware asset inventory data to ensure only authorized devices can connect to the network.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Inventory and Control of Hardware Assets

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.11 (L2) Host hardware must secure unused external hardware ports	VMware	CIS VMware ESXi 8.0 v1.2.0 L2
3.2 Disable the Shutdown port	Unix	CIS Apache Tomcat 11 v1.0.0 L2
3.2 Disable the Shutdown port	Unix	CIS Apache Tomcat 10 L2 v1.1.0 Middleware
3.2 Disable the Shutdown port	Unix	CIS Apache Tomcat 10 L2 v1.1.0
3.2 Disable the Shutdown port	Unix	CIS Apache Tomcat 9 L2 v1.2.0 Middleware
3.2 Disable the Shutdown port	Unix	CIS Apache Tomcat 10.1 v1.1.0 L2
3.2 Disable the Shutdown port	Unix	CIS Apache Tomcat 9 L2 v1.2.0
3.16 (L1) Host must configure a session timeout for the API	VMware	CIS VMware ESXi 8.0 v1.2.0 L1
3.17 (L1) Host must automatically terminate idle host client sessions	VMware	CIS VMware ESXi 8.0 v1.2.0 L1
7.5 (L1) Virtual machines must be configured to lock when the last console connection is closed	VMware	CIS VMware ESXi 8.0 v1.2.0 L1
9.5 Ensure mutual TLS is enabled	MySQLDB	CIS MariaDB 10.6 Database L1 v1.1.0
10.5 Rename the manager application	Unix	CIS Apache Tomcat 11 v1.0.0 L2
10.5 Rename the manager application	Unix	CIS Apache Tomcat 10.1 v1.1.0 L2
11.2 Ensure Apache Processes Run in the httpd_t Confined Context	Unix	CIS Apache HTTP Server 2.4 v2.2.0 L2

Detections

Analytics

CSCv7|1.7

Title

Description

Reference Item Details

Audit Items