CSCv7|16

Title

Account Monitoring and Control

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Account Monitoring and Control

Audit Items

Name	Plugin	Audit Name
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.23 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.23 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.26 Ensure that the --service-account-lookup argument is set to true	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.3 Ensure security questions are registered in the AWS account	amazon_aws	CIS Amazon Web Services Foundations L1 3.0.0
1.3.1 Ensure 'Minimum Password Complexity' is enabled	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.3 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.3 Ensure 'Minimum Uppercase Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.4 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.4 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.5 Ensure 'Minimum Numeric Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.5 Ensure 'Minimum Numeric Letters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.6 Ensure 'Minimum Special Characters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.6 Ensure 'Minimum Special Characters' is greater than or equal to 1	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.7 Ensure 'Required Password Change Period' is less than or equal to 90 days	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.7 Ensure 'Required Password Change Period' is less than or equal to 90 days	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.9 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwords	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.9 Ensure 'Prevent Password Reuse Limit' is set to 24 or more passwords	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.3.10 Ensure 'Password Profiles' do not exist	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.3.10 Ensure 'Password Profiles' do not exist	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Failed Attempts	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Failed Attempts	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Lockout Time	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured - Lockout Time	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.8 Ensure IAM password policy requires minimum length of 14 or greater	amazon_aws	CIS Amazon Web Services Foundations L1 3.0.0
1.11 Do not setup access keys during initial user setup for all IAM users that have a console password	amazon_aws	CIS Amazon Web Services Foundations L1 3.0.0
1.14 Ensure access keys are rotated every 90 days or less	amazon_aws	CIS Amazon Web Services Foundations L1 3.0.0
1.15 Ensure IAM Users Receive Permissions Only Through Groups	amazon_aws	CIS Amazon Web Services Foundations L1 3.0.0
2.1 Ensure that IP addresses are mapped to usernames - User ID Agents	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0
2.1 Ensure that IP addresses are mapped to usernames - User ID Agents	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L2
2.1 Ensure that IP addresses are mapped to usernames - Zones	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L2
2.1 Ensure that IP addresses are mapped to usernames - Zones	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL	MySQLDB	CIS MySQL 5.6 Enterprise Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL	MySQLDB	CIS MySQL 5.6 Community Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_failed_connections_threshold	MySQLDB	CIS MySQL 5.6 Community Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_failed_connections_threshold	MySQLDB	CIS MySQL 5.6 Enterprise Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS	MySQLDB	CIS MySQL 5.6 Enterprise Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS	MySQLDB	CIS MySQL 5.6 Community Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_max_connection_delay	MySQLDB	CIS MySQL 5.6 Community Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_max_connection_delay	MySQLDB	CIS MySQL 5.6 Enterprise Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_min_connection_delay	MySQLDB	CIS MySQL 5.6 Enterprise Database L1 v2.0.0
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_min_connection_delay	MySQLDB	CIS MySQL 5.6 Community Database L1 v2.0.0
2.12 Ensure that authorization for Docker client commands is enabled	Unix	CIS Docker v1.6.0 L2 Docker Linux
2.15 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL	MySQLDB	CIS MySQL 5.7 Enterprise Database L1 v2.0.0
2.15 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL	MySQLDB	CIS MySQL 5.7 Community Database L1 v2.0.0
2.15 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS	MySQLDB	CIS MySQL 5.7 Community Database L1 v2.0.0

Detections

Analytics

CSCv7|16

Title

Reference Item Details

Audit Items