CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0

Audit Details

Name: CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0

Updated: 4/25/2022

Authority: CIS

Plugin: Unix

Revision: 1.4

Estimated Item Count: 19

File Details

Filename: CIS_Apache_Cassandra_3.11_v1.0.0_L2_OS_Unix.audit

Size: 45.1 kB

MD5: 577e1e6c887a656b13c21f815683a441
SHA256: 420748d64776376b619a7085b6d769178f5caf5fc052310f585c13a0580b5914

Audit Items

DescriptionCategories
1.1 Ensure a separate user and group exist for Cassandra - group

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - passwd

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - user exists in group

ACCESS CONTROL

1.2 Ensure the latest version of Java is installed

SYSTEM AND SERVICES ACQUISITION

1.3 Ensure the latest version of Python is installed

SYSTEM AND SERVICES ACQUISITION

1.4 Ensure latest version of Cassandra is installed

SYSTEM AND SERVICES ACQUISITION

1.5 Ensure the Cassandra service is run as a non-root user

ACCESS CONTROL

1.6 Ensure clocks are synchronized on all nodes

AUDIT AND ACCOUNTABILITY

2.1 Ensure that authentication is enabled for Cassandra databases

ACCESS CONTROL

2.2 Ensure that authorization is enabled for Cassandra databases

ACCESS CONTROL

3.2 Ensure that the default password changed for the cassandra role

ACCESS CONTROL

3.4 Ensure that Cassandra is run using a non-privileged, dedicated service account

ACCESS CONTROL

3.5 Ensure that Cassandra only listens for network connections on authorized interfaces

SYSTEM AND INFORMATION INTEGRITY

4.1 Ensure that logging is enabled. - logback.xml

AUDIT AND ACCOUNTABILITY

4.1 Ensure that logging is enabled. - nodetool getlogginglevels

AUDIT AND ACCOUNTABILITY

4.2 Ensure that auditing is enabled

AUDIT AND ACCOUNTABILITY

5.1 Inter-node Encryption

SYSTEM AND COMMUNICATIONS PROTECTION

5.2 Client Encryption

SYSTEM AND COMMUNICATIONS PROTECTION

CIS_Apache_Cassandra_3.11_v1.0.0_L1_OS_Unix.audit from CIS Apache Cassandra 3.11 Benchmark v1.0.0