CSCv7|8

Malware Defenses

Reference: CIS Critical Security Controls v7

Category: Malware Defenses

Name	Plugin	Audit Name
1.1.5 Ensure noexec option set on /tmp partition	Unix	CIS Debian 9 Server L1 v1.0.1
1.1.5 Ensure noexec option set on /tmp partition	Unix	CIS Debian 9 Workstation L1 v1.0.1
1.1.17 Ensure noexec option set on /dev/shm partition	Unix	CIS Debian 9 Workstation L1 v1.0.1
1.1.17 Ensure noexec option set on /dev/shm partition	Unix	CIS Debian 9 Server L1 v1.0.1
1.1.20 Ensure noexec option set on removable media partitions	Unix	CIS Debian 9 Server L1 v1.0.1
1.1.20 Ensure noexec option set on removable media partitions	Unix	CIS Debian 9 Workstation L1 v1.0.1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profiles	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profiles	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
5.4 Ensure forwarding of decrypted content to WildFire is enabled	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in use	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in use	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
7.6 Automatic Actions for Optical Media	Unix	CIS Apple macOS 10.12 L1 v1.2.0