CSCv7|8

Title

Malware Defenses

Reference Item Details

Category: Malware Defenses

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.5 Ensure noexec option set on /tmp partitionUnixCIS Debian 9 Server L1 v1.0.1
1.1.5 Ensure noexec option set on /tmp partitionUnixCIS Debian 9 Workstation L1 v1.0.1
1.1.17 Ensure noexec option set on /dev/shm partitionUnixCIS Debian 9 Workstation L1 v1.0.1
1.1.17 Ensure noexec option set on /dev/shm partitionUnixCIS Debian 9 Server L1 v1.0.1
1.1.20 Ensure noexec option set on removable media partitionsUnixCIS Debian 9 Server L1 v1.0.1
1.1.20 Ensure noexec option set on removable media partitionsUnixCIS Debian 9 Workstation L1 v1.0.1
1.3 Ensure 'Ask where to save each file before downloading' is set to 'Enabled'WindowsCIS Google Chrome L1 v2.0.0
1.3.10 Ensure 'Password Profiles' do not existPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.4 Ensure 'Disable saving browser history' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.0.0
1.13 Ensure 'Disable saving browser history' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.1.0
2.1 Ensure that Azure Defender is set to On for Serversmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.2 Ensure that Azure Defender is set to On for App Servicemicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.3 Ensure that Azure Defender is set to On for Azure SQL database serversmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.4 Ensure that Azure Defender is set to On for SQL servers on machinesmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.5 Ensure that Azure Defender is set to On for Storagemicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.6 Ensure that Azure Defender is set to On for Kubernetesmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.7 Ensure that Azure Defender is set to On for Container Registriesmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.8 Ensure that Azure Defender is set to On for Key Vaultmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.9 Ensure 'Allow download restrictions' is set to 'Enabled: Block dangerous downloads'WindowsCIS Google Chrome L1 v2.1.0
2.9 Ensure that Windows Defender ATP (WDATP) integration with Security Center is selectedmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.10 Ensure that Microsoft Cloud App Security (MCAS) integration with Security Center is selectedmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L2
2.12 Automatic Actions for Optical MediaUnixCIS Apple macOS 10.15 v1.3.0 L1
2.12 Automatic Actions for Optical MediaUnixCIS Apple macOS 10.15 v1.4.0 L1
2.12 Automatic Actions for Optical MediaUnixCIS Apple macOS 11 v1.1.0 L1
2.12 Automatic Actions for Optical MediaUnixCIS Apple macOS 11 v1.2.0 L1
2.12 Automatic Actions for Optical MediaUnixCIS Apple macOS 10.14 v1.4.0 L1
2.12 Automatic Actions for Optical MediaUnixCIS Apple macOS 10.14 v1.3.0 L1
2.14 Ensure 'Allow download restrictions' is set to 'Enabled' with 'Block dangerous downloads' specified.WindowsCIS Google Chrome L1 v2.0.0
2.15 Ensure 'Disable proceeding from the Safe Browsing warning page' is set to 'Enabled'WindowsCIS Google Chrome L1 v2.0.0
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 10 v1.0.0 L1
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG
18.9.45.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + BL + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + BL + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + BL + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + BL
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + BL
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + NG
18.9.77.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + BL