Detections
Analytics

CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation

Audit Details

Name: CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation

Updated: 11/25/2025

Authority: CIS

Plugin: Unix

Revision: 1.3

Estimated Item Count: 39

File Details

Filename: CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Workstation.audit

Size: 268 kB

MD5: f7642d54009587504e166310467dbab5
SHA256: 94dc949115abe0719c2c79491d2b7a0ad79a198c6e50adae76539976ed159323

Audit Items

DescriptionCategories
1.1.1.2 Ensure mounting of squashfs filesystems is disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.10 Ensure separate partition exists for /var

CONFIGURATION MANAGEMENT

1.1.11 Ensure separate partition exists for /var/tmp

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.1.15 Ensure separate partition exists for /var/log

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.16 Ensure separate partition exists for /var/log/audit

CONFIGURATION MANAGEMENT

1.1.17 Ensure separate partition exists for /home

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.27 Disable Automounting

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.1.28 Disable USB Storage

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.6.1.5 Ensure the SELinux mode is enforcing

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

2.2.3 Ensure Avahi Server is not installed

CONFIGURATION MANAGEMENT

3.1.1 Disable IPv6

CONFIGURATION MANAGEMENT

3.1.2 Ensure wireless interfaces are disabled

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1 Ensure DCCP is disabled

IDENTIFICATION AND AUTHENTICATION

3.4.2 Ensure SCTP is disabled

CONFIGURATION MANAGEMENT

4.1.1.1 Ensure auditd is installed

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabled and running

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled

AUDIT AND ACCOUNTABILITY

4.1.2.1 Ensure audit log storage size is configured

AUDIT AND ACCOUNTABILITY

4.1.2.2 Ensure audit logs are not automatically deleted

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure system is disabled when audit logs are full

AUDIT AND ACCOUNTABILITY

4.1.2.7 Ensure audit_backlog_limit is sufficient

AUDIT AND ACCOUNTABILITY

4.1.3.1 Ensure events that modify date and time information are collected

AUDIT AND ACCOUNTABILITY

4.1.3.2 Ensure system administrator command executions (sudo) are collected

AUDIT AND ACCOUNTABILITY

4.1.3.3 Ensure session initiation information is collected

AUDIT AND ACCOUNTABILITY

4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected

AUDIT AND ACCOUNTABILITY

4.1.3.5 Ensure events that modify the system's network environment are collected

AUDIT AND ACCOUNTABILITY

4.1.3.6 Ensure successful file system mounts are collected

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure changes to system administration scope (sudoers) is collected

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.9 Ensure file deletion events by users are collected

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.10 Ensure use of privileged commands is collected

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.12 Ensure discretionary access control permission modification events are collected

AUDIT AND ACCOUNTABILITY

4.1.3.13 Ensure login and logout events are collected

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.14 Ensure events that modify user/group information are collected

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.3.41 Ensure the audit configuration is immutable

ACCESS CONTROL, MEDIA PROTECTION

5.3.23 Ensure SSH AllowTcpForwarding is disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.1 Audit system file permissions

CONFIGURATION MANAGEMENT

CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Workstation.audit from CIS Amazon Linux 2 STIG v2.0.0