CIS Debian Linux 11 Server L1 v1.0.0

Audit Details

Name: CIS Debian Linux 11 Server L1 v1.0.0

Updated: 9/19/2023

Authority: CIS

Plugin: Unix

Revision: 1.20

Estimated Item Count: 325

File Details

Filename: CIS_Debian_Linux_11_v1.0.0_L1_Server.audit

Size: 1.16 MB

MD5: 2564e1af06b6c3eeea54c2bf7bb06dab

SHA256: 83a8a2d63491ef5f3fa19c795b4b88b2c54c5bad963be5471ccc384adb303f65

Audit Items

Description	Categories
1.1.1.1 Ensure mounting of cramfs filesystems is disabled	CONFIGURATION MANAGEMENT
1.1.2.1 Ensure /tmp is a separate partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.2 Ensure nodev option set on /tmp partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.3 Ensure noexec option set on /tmp partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.4 Ensure nosuid option set on /tmp partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.3.2 Ensure nodev option set on /var partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.3.3 Ensure nosuid option set on /var partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.4.2 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.4.3 Ensure nosuid option set on /var/tmp partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.4.4 Ensure nodev option set on /var/tmp partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.5.2 Ensure nodev option set on /var/log partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.5.3 Ensure noexec option set on /var/log partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.5.4 Ensure nosuid option set on /var/log partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.6.2 Ensure noexec option set on /var/log/audit partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.6.3 Ensure nodev option set on /var/log/audit partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.6.4 Ensure nosuid option set on /var/log/audit partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.7.2 Ensure nodev option set on /home partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.7.3 Ensure nosuid option set on /home partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.8.1 Ensure nodev option set on /dev/shm partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.8.2 Ensure noexec option set on /dev/shm partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.8.3 Ensure nosuid option set on /dev/shm partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.9 Disable Automounting	MEDIA PROTECTION
1.1.10 Disable USB Storage - blacklist	MEDIA PROTECTION
1.1.10 Disable USB Storage - lsmod	MEDIA PROTECTION
1.1.10 Disable USB Storage - modprobe	MEDIA PROTECTION
1.2.1 Ensure package manager repositories are configured	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.2 Ensure GPG keys are configured	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.3.1 Ensure AIDE is installed - aide	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
1.3.1 Ensure AIDE is installed - aide-common	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
1.3.2 Ensure filesystem integrity is regularly checked	AUDIT AND ACCOUNTABILITY
1.4.1 Ensure bootloader password is set - 'passwd_pbkdf2'	IDENTIFICATION AND AUTHENTICATION
1.4.1 Ensure bootloader password is set - 'set superusers'	IDENTIFICATION AND AUTHENTICATION
1.4.2 Ensure permissions on bootloader config are configured	ACCESS CONTROL, MEDIA PROTECTION
1.4.3 Ensure authentication required for single user mode	IDENTIFICATION AND AUTHENTICATION
1.5.1 Ensure address space layout randomization (ASLR) is enabled - config	SYSTEM AND INFORMATION INTEGRITY
1.5.1 Ensure address space layout randomization (ASLR) is enabled - sysctl	SYSTEM AND INFORMATION INTEGRITY
1.5.2 Ensure prelink is not installed	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
1.5.3 Ensure Automatic Error Reporting is not enabled	CONFIGURATION MANAGEMENT
1.5.4 Ensure core dumps are restricted - limits config	ACCESS CONTROL
1.5.4 Ensure core dumps are restricted - processsizemax	ACCESS CONTROL
1.5.4 Ensure core dumps are restricted - storage	ACCESS CONTROL
1.5.4 Ensure core dumps are restricted - sysctl	ACCESS CONTROL
1.5.4 Ensure core dumps are restricted - sysctl config	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.6.1.1 Ensure AppArmor is installed - apparmor	ACCESS CONTROL, MEDIA PROTECTION
1.6.1.1 Ensure AppArmor is installed - apparmor-utils	ACCESS CONTROL, MEDIA PROTECTION
1.6.1.2 Ensure AppArmor is enabled in the bootloader configuration - apparmor	ACCESS CONTROL, MEDIA PROTECTION
1.6.1.2 Ensure AppArmor is enabled in the bootloader configuration - security	ACCESS CONTROL, MEDIA PROTECTION
1.6.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - loaded	ACCESS CONTROL, MEDIA PROTECTION
1.6.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - unconfined	ACCESS CONTROL, MEDIA PROTECTION
1.7.1 Ensure message of the day is configured properly - banner	ACCESS CONTROL

Detections

Analytics

CIS Debian Linux 11 Server L1 v1.0.0

Audit Details

File Details

Audit Items