Detections
Analytics

CIS AlmaLinux OS 8 v4.0.0 L1 Workstation

Audit Details

Name: CIS AlmaLinux OS 8 v4.0.0 L1 Workstation

Updated: 10/24/2025

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 253

File Details

Filename: CIS_AlmaLinux_OS_8_v4.0.0_L1_Workstation.audit

Size: 1.2 MB

MD5: de9ef51dbb99a7ee438c88571f5690fd
SHA256: b2d216f36896bba95a3a42d6b425dac2d32428bdaf6b4764e86b6d1de0dbc650

Audit Items

DescriptionCategories
1.1.1.1 Ensure cramfs kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure freevxfs kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure hfs kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure hfsplus kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure jffs2 kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.9 Ensure firewire-core kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.11 Ensure unused filesystems kernel modules are not available

CONFIGURATION MANAGEMENT

1.1.2.1.1 Ensure /tmp is tmpfs or a separate partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.1.2 Ensure nodev option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.1.3 Ensure nosuid option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.1.4 Ensure noexec option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.1 Ensure /dev/shm is tmpfs

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.2 Ensure nodev option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.3 Ensure nosuid option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.4 Ensure noexec option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3.2 Ensure nodev option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3.3 Ensure nosuid option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.2 Ensure nodev option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.3 Ensure nosuid option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.2 Ensure nodev option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.3 Ensure nosuid option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.4 Ensure noexec option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.2 Ensure nodev option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.3 Ensure nosuid option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.4 Ensure noexec option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.2 Ensure nodev option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.4 Ensure noexec option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.2.1.1 Ensure GPG keys are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1.2 Ensure gpgcheck is configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1.4 Ensure package manager repositories are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2.1 Ensure updates, patches, and additional security software are installed

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3.1.1 Ensure SELinux is installed

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.2 Ensure SELinux is not disabled in bootloader configuration

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.3 Ensure SELinux policy is configured

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.4 Ensure the SELinux mode is not disabled

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.7 Ensure the MCS Translation Service (mcstrans) is not installed

CONFIGURATION MANAGEMENT

1.4.1 Ensure bootloader password is set

ACCESS CONTROL, MEDIA PROTECTION

1.4.2 Ensure access to bootloader config is configured

ACCESS CONTROL, MEDIA PROTECTION

1.5.1 Ensure core file size is configured

ACCESS CONTROL

1.5.2 Ensure fs.protected_hardlinks is configured

CONFIGURATION MANAGEMENT

1.5.4 Ensure fs.suid_dumpable is configured

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.5.5 Ensure kernel.dmesg_restrict is configured

ACCESS CONTROL, MEDIA PROTECTION

1.5.6 Ensure kernel.kptr_restrict is configured

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

1.5.7 Ensure kernel.yama.ptrace_scope is configured

CONFIGURATION MANAGEMENT

1.5.8 Ensure kernel.randomize_va_space is configured

SYSTEM AND INFORMATION INTEGRITY

1.5.9 Ensure systemd-coredump ProcessSizeMax is configured

CONFIGURATION MANAGEMENT

1.5.10 Ensure systemd-coredump Storage is configured

CONFIGURATION MANAGEMENT

1.6.1 Ensure system wide crypto policy is not set to legacy

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.2 Ensure system wide crypto policy disables sha1 hash and signature support

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION