CIS Bottlerocket L2

Audit Details

Name: CIS Bottlerocket L2

Updated: 2/23/2024

Authority: CIS

Plugin: Unix

Revision: 1.0

Estimated Item Count: 16

File Details

Filename: CIS_Bottlerocket_v1.0.0_L2.audit

Size: 44.5 kB

MD5: d780bd11a4cab3b9b1d8f8e7173b5242
SHA256: 76457b040e64db10f7cf8164cf2f0b715c000fc173e1d7ba00d9a2a21aef49f2

Audit Items

DescriptionCategories
1.1.1.1 Ensure mounting of UDF filesystems is disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.4.4 Ensure user namespaces are disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.2 Ensure Lockdown is configured

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.1.1 Ensure packet redirect sending is disabled

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.1 Ensure source routed packets are not accepted

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.2 Ensure ICMP redirects are not accepted

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.3 Ensure secure ICMP redirects are not accepted

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.2.4 Ensure suspicious packets are logged

AUDIT AND ACCOUNTABILITY

3.3.1 Ensure SCTP is disabled

CONFIGURATION MANAGEMENT

3.4.1.1 Ensure IPv4 default deny firewall policy

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.2 Ensure IPv4 loopback traffic is configured

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.3 Ensure IPv4 outbound and established connections are configured

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.1 Ensure IPv6 default deny firewall policy

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure IPv6 loopback traffic is configured

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.3 Ensure IPv6 outbound and established connections are configured

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS_Bottlerocket_v1.0.0_L2.audit from CIS Bottlerocket Benchmark Level 2