CIS Debian Linux 13 v1.0.0 L1 Server

Audit Details

Name: CIS Debian Linux 13 v1.0.0 L1 Server

Updated: 1/27/2026

Authority: CIS

Plugin: Unix

Revision: 1.0

Estimated Item Count: 263

File Details

Filename: CIS_Debian_Linux_13_v1.0.0_L1_Server.audit

Size: 1.33 MB

MD5: 30502244ae1050536368de9a2f4977c1

SHA256: 459e6f6a0f1b13be93a7f6924d8c5bdfb14c4c8e171cfa3d8a103985b723024e

Audit Items

Description	Categories
1.1.1.1 Ensure cramfs kernel module is not available	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure freevxfs kernel module is not available	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure hfs kernel module is not available	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure hfsplus kernel module is not available	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure jffs2 kernel module is not available	CONFIGURATION MANAGEMENT
1.1.1.9 Ensure firewire-core kernel module is not available	CONFIGURATION MANAGEMENT
1.1.1.10 Ensure usb-storage kernel module is not available	IDENTIFICATION AND AUTHENTICATION
1.1.1.11 Ensure unused filesystems kernel modules are not available	CONFIGURATION MANAGEMENT
1.1.2.1.1 Ensure /tmp is tmpfs or a separate partition	CONFIGURATION MANAGEMENT
1.1.2.1.2 Ensure nodev option set on /tmp partition	CONFIGURATION MANAGEMENT
1.1.2.1.3 Ensure nosuid option set on /tmp partition	CONFIGURATION MANAGEMENT
1.1.2.1.4 Ensure noexec option set on /tmp partition	CONFIGURATION MANAGEMENT
1.1.2.2.1 Ensure /dev/shm is tmpfs or a separate partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.2.2 Ensure nodev option set on /dev/shm partition	CONFIGURATION MANAGEMENT
1.1.2.2.3 Ensure nosuid option set on /dev/shm partition	CONFIGURATION MANAGEMENT
1.1.2.2.4 Ensure noexec option set on /dev/shm partition	CONFIGURATION MANAGEMENT
1.1.2.3.2 Ensure nodev option set on /home partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.3.3 Ensure nosuid option set on /home partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.4.2 Ensure nodev option set on /var partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.4.3 Ensure nosuid option set on /var partition	ACCESS CONTROL, MEDIA PROTECTION
1.1.2.5.2 Ensure nodev option set on /var/tmp partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.5.3 Ensure nosuid option set on /var/tmp partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.5.4 Ensure noexec option set on /var/tmp partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.6.2 Ensure nodev option set on /var/log partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.6.3 Ensure nosuid option set on /var/log partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.6.4 Ensure noexec option set on /var/log partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.7.2 Ensure nodev option set on /var/log/audit partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.1.2.7.4 Ensure noexec option set on /var/log/audit partition	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION
1.2.1.1 Ensure the source.list and .source files use the Signed-By option	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.2.1.3 Ensure access to gpg key files are configured	ACCESS CONTROL
1.2.1.4 Ensure access to /etc/apt/trusted.gpg.d directory is configured	ACCESS CONTROL
1.2.1.5 Ensure access to /etc/apt/auth.conf.d directory is configured	ACCESS CONTROL
1.2.1.6 Ensure access to files in the /etc/apt/auth.conf.d/ directory is configured	ACCESS CONTROL, MEDIA PROTECTION
1.2.1.7 Ensure access to /usr/share/keyrings directory is configured	ACCESS CONTROL
1.2.1.8 Ensure access to /etc/apt/sources.list.d directory is configured	ACCESS CONTROL
1.2.1.9 Ensure access to files in /etc/apt/sources.list.d are configured	ACCESS CONTROL
1.2.2.1 Ensure updates, patches, and additional security software are installed	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
1.3.1.1 Ensure apparmor packages are installed	ACCESS CONTROL, MEDIA PROTECTION
1.3.1.2 Ensure AppArmor is enabled	ACCESS CONTROL, MEDIA PROTECTION
1.3.1.4 Ensure apparmor_restrict_unprivileged_unconfined is enabled	SYSTEM AND INFORMATION INTEGRITY
1.4.1 Ensure bootloader password is set	ACCESS CONTROL, MEDIA PROTECTION
1.4.2 Ensure access to bootloader config is configured	ACCESS CONTROL, MEDIA PROTECTION
1.5.1 Ensure fs.protected_hardlinks is configured	ACCESS CONTROL
1.5.3 Ensure kernel.yama.ptrace_scope is configured	CONFIGURATION MANAGEMENT
1.5.4 Ensure fs.suid_dumpable is configured	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.5.5 Ensure kernel.dmesg_restrict is configured	SYSTEM AND COMMUNICATIONS PROTECTION
1.5.6 Ensure prelink is not installed	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
1.5.7 Ensure Automatic Error Reporting is configured	CONFIGURATION MANAGEMENT
1.5.8 Ensure kernel.kptr_restrict is configured	CONFIGURATION MANAGEMENT

Detections

Analytics

CIS Debian Linux 13 v1.0.0 L1 Server

Audit Details

File Details

Audit Items