CSCv7|4

Title

Controlled Use of Administrative Privileges

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Controlled Use of Administrative Privileges

Audit Items

Name	Plugin	Audit Name
1.1 Ensure a separate user and group exist for Cassandra - group	Unix	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - group	Unix	CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - passwd	Unix	CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - passwd	Unix	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - user exists in group	Unix	CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0
1.1 Ensure a separate user and group exist for Cassandra - user exists in group	Unix	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0
1.1.2 Ensure only trusted users are allowed to control Docker daemon	Unix	CIS Docker v1.3.1 L1 Linux Host OS
1.1.2 Ensure only trusted users are allowed to control Docker daemon	Unix	CIS Docker v1.6.0 L1 Docker Linux
1.1.2 Ensure only trusted users are allowed to control Docker daemon	Unix	CIS Docker v1.5.0 L1 Linux Host OS
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.7.1 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.8.0 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.9.0 L1 Master
1.1.2 Ensure that the API server pod specification file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.7.1 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.8.0 L1 Master
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.9.0 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.7.1 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.8.0 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.1.14 Ensure that the admin.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.14 Ensure that the default administrative credential file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.9.0 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.9.0 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.7.1 L1 Master
1.1.16 Ensure that the scheduler.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.8.0 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.9.0 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.7.1 L1 Master
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root	Unix	CIS Kubernetes Benchmark v1.8.0 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	Unix	CIS Kubernetes Benchmark v1.7.1 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	Unix	CIS Kubernetes Benchmark v1.9.0 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.1.20 Ensure that the Kubernetes PKI certificate file permissions are set to 600 or more restrictive	Unix	CIS Kubernetes Benchmark v1.8.0 L1 Master

Detections

Analytics

CSCv7|4

Title

Reference Item Details

Audit Items