CIS AlmaLinux OS 9 Server L1 v1.0.0

Audit Details

Name: CIS AlmaLinux OS 9 Server L1 v1.0.0

Updated: 6/6/2024

Authority: CIS

Plugin: Unix

Revision: 1.28

Estimated Item Count: 484

File Details

Filename: CIS_AlmaLinux_OS_9_v1.0.0_L1_Server.audit

Size: 740 kB

MD5: e6eb11422d6979c9a255d4edd48e5126
SHA256: b271b8a5477d5ad0a96a49b1265cd5c19c6de88846b41c701f36fcb6f1434f17

Audit Items

DescriptionCategories
1.1.2.1 Ensure /tmp is a separate partition

CONFIGURATION MANAGEMENT

1.1.2.1 Ensure /tmp is a separate partition - config check

CONFIGURATION MANAGEMENT

1.1.2.1 Ensure /tmp is a separate partition - mount check

CONFIGURATION MANAGEMENT

1.1.2.2 Ensure nodev option set on /tmp partition

CONFIGURATION MANAGEMENT

1.1.2.2 Ensure nodev option set on /tmp partition

CONFIGURATION MANAGEMENT

1.1.2.3 Ensure noexec option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3 Ensure noexec option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4 Ensure nosuid option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4 Ensure nosuid option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.2 Ensure nodev option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.2 Ensure nodev option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.3 Ensure nosuid option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.3 Ensure nosuid option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.2 Ensure noexec option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.2 Ensure noexec option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.3 Ensure nosuid option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.3 Ensure nosuid option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.4 Ensure nodev option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.4 Ensure nodev option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.2 Ensure nodev option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.2 Ensure nodev option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.3 Ensure noexec option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.3 Ensure noexec option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.4 Ensure nosuid option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.4 Ensure nosuid option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.2 Ensure noexec option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.2 Ensure noexec option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.3 Ensure nodev option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.3 Ensure nodev option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.4 Ensure nosuid option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.4 Ensure nosuid option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.2 Ensure nodev option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.2 Ensure nodev option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.3 Ensure nosuid option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.3 Ensure nosuid option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.1 Ensure /dev/shm is a separate partition

CONFIGURATION MANAGEMENT

1.1.8.1 Ensure /dev/shm is a separate partition

CONFIGURATION MANAGEMENT

1.1.8.2 Ensure nodev option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.2 Ensure nodev option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.3 Ensure noexec option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.3 Ensure noexec option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.4 Ensure nosuid option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.4 Ensure nosuid option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.9 Disable USB Storage

MEDIA PROTECTION

1.1.9 Disable USB Storage

MEDIA PROTECTION

1.2.1 Ensure GPG keys are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1 Ensure GPG keys are configured - gpgkey

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1 Ensure GPG keys are configured - show rpm keys

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure gpgcheck is globally activated

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure gpgcheck is globally activated - /etc/yum.repos.d/*

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY