CIS AlmaLinux OS 9 Workstation L1 v1.0.0

Audit Details

Name: CIS AlmaLinux OS 9 Workstation L1 v1.0.0

Updated: 6/6/2024

Authority: CIS

Plugin: Unix

Revision: 1.28

Estimated Item Count: 473

File Details

Filename: CIS_AlmaLinux_OS_9_v1.0.0_L1_Workstation.audit

Size: 716 kB

MD5: 5bf02a1c3620a406ff2cb1c6b22617af
SHA256: b14880b04c2860585ecc872b8c2b6eb01be8cd72acbc09de643446081dad4842

Audit Items

DescriptionCategories
1.1.2.1 Ensure /tmp is a separate partition

CONFIGURATION MANAGEMENT

1.1.2.1 Ensure /tmp is a separate partition - config check

CONFIGURATION MANAGEMENT

1.1.2.1 Ensure /tmp is a separate partition - mount check

CONFIGURATION MANAGEMENT

1.1.2.2 Ensure nodev option set on /tmp partition

CONFIGURATION MANAGEMENT

1.1.2.2 Ensure nodev option set on /tmp partition

CONFIGURATION MANAGEMENT

1.1.2.3 Ensure noexec option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3 Ensure noexec option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4 Ensure nosuid option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4 Ensure nosuid option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.2 Ensure nodev option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.2 Ensure nodev option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.3 Ensure nosuid option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.3.3 Ensure nosuid option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.2 Ensure noexec option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.2 Ensure noexec option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.3 Ensure nosuid option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.3 Ensure nosuid option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.4 Ensure nodev option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.4.4 Ensure nodev option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.2 Ensure nodev option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.2 Ensure nodev option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.3 Ensure noexec option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.3 Ensure noexec option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.4 Ensure nosuid option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.5.4 Ensure nosuid option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.2 Ensure noexec option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.2 Ensure noexec option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.3 Ensure nodev option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.3 Ensure nodev option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.4 Ensure nosuid option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.6.4 Ensure nosuid option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.2 Ensure nodev option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.2 Ensure nodev option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.3 Ensure nosuid option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.7.3 Ensure nosuid option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.1 Ensure /dev/shm is a separate partition

CONFIGURATION MANAGEMENT

1.1.8.1 Ensure /dev/shm is a separate partition

CONFIGURATION MANAGEMENT

1.1.8.2 Ensure nodev option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.2 Ensure nodev option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.3 Ensure noexec option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.3 Ensure noexec option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.4 Ensure nosuid option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.8.4 Ensure nosuid option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.2.1 Ensure GPG keys are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1 Ensure GPG keys are configured - gpgkey

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1 Ensure GPG keys are configured - show rpm keys

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure gpgcheck is globally activated

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure gpgcheck is globally activated - /etc/yum.repos.d/*

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure gpgcheck is globally activated - dnf.conf

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.3 Ensure package manager repositories are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY