CIS Debian 9 Workstation L2 v1.0.1

Audit Details

Name: CIS Debian 9 Workstation L2 v1.0.1

Updated: 3/18/2024

Authority: CIS

Plugin: Unix

Revision: 1.18

Estimated Item Count: 129

File Details

Filename: CIS_Debian_Linux_9_Workstation_v1.0.1_L2.audit

Size: 381 kB

MD5: 7f1cf9613e49718cb222178823bbbae2

SHA256: 95eb2245ddd3e53cbcbce53d4365ebbebedc5be602a499742e8fc0f24badd670

Audit Changelog


Revision 1.18 Mar 18, 2024 Functional Update 4.1.12 Ensure use of privileged commands is collected Miscellaneous Metadata updated. Variables updated.
Revision 1.17 Nov 1, 2023 Miscellaneous Platform check updated.
Revision 1.16 Oct 6, 2023 Functional Update 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux Miscellaneous Metadata updated. References updated.
Revision 1.15 Jul 5, 2023 Functional Update 4.1.1.2 Ensure system is disabled when audit logs are full - action_mail_acct 4.1.1.2 Ensure system is disabled when audit logs are full - admin_space_left_action 4.1.1.2 Ensure system is disabled when audit logs are full - space_left_action 4.1.1.3 Ensure audit logs are not automatically deleted
Revision 1.14 Apr 12, 2023 Miscellaneous Metadata updated. Platform check updated. Variables updated.
Revision 1.13 Mar 7, 2023 Miscellaneous Metadata updated. References updated.
Revision 1.12 Jan 4, 2023 Miscellaneous Metadata updated. Variables updated.
Revision 1.11 Dec 7, 2022 Miscellaneous Metadata updated.
Revision 1.10 Sep 30, 2022 Functional Update 4.1.13 Ensure successful file system mounts are collected - mounts 4.1.17 Ensure kernel module loading and unloading is collected - init_module 4.1.4 Ensure events that modify date and time information are collected - clock_settime 4.1.4 Ensure events that modify date and time information are collected - clock_settime x64
Revision 1.9 Sep 16, 2022 Functional Update 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chmod fchmod fchmodat 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chmod fchmod fchmodat x64 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chown fchown fchownat lchown 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chown fchown fchownat lchown x64 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl lsetxattr setxattr fsetxattr removexattr 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl setxattr x64 4.1.10 Ensure discretionary access control permission modification events are collected - chmod fchmod fchmodat 4.1.10 Ensure discretionary access control permission modification events are collected - chmod fchmod fchmodat x64 4.1.10 Ensure discretionary access control permission modification events are collected - chown fchown fchownat lchown 4.1.10 Ensure discretionary access control permission modification events are collected - chown fchown fchownat lchown x64 4.1.10 Ensure discretionary access control permission modification events are collected - lsetxattr setxattr fsetxattr removexattr 4.1.10 Ensure discretionary access control permission modification events are collected - lsetxattr setxattr fsetxattr removexattr x64 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES x64 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EPERM x64 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES x64 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EPERM x64 4.1.13 Ensure successful file system mounts are collected - auditctl mount 4.1.13 Ensure successful file system mounts are collected - auditctl mount x64 4.1.13 Ensure successful file system mounts are collected - mounts 4.1.13 Ensure successful file system mounts are collected - mounts x64 4.1.14 Ensure file deletion events by users are collected - auditctl delete 4.1.14 Ensure file deletion events by users are collected - auditctl delete x64 4.1.14 Ensure file deletion events by users are collected - delete 4.1.14 Ensure file deletion events by users are collected - delete x64 Miscellaneous Variables updated.

Detections

Analytics

CIS Debian 9 Workstation L2 v1.0.1

Audit Details

File Details

Audit Changelog

Revision 1.18

Functional Update

Miscellaneous

Revision 1.17

Miscellaneous

Revision 1.16

Functional Update

Miscellaneous

Revision 1.15

Functional Update

Revision 1.14

Miscellaneous

Revision 1.13

Miscellaneous

Revision 1.12

Miscellaneous

Revision 1.11

Miscellaneous

Revision 1.10

Functional Update

Revision 1.9

Functional Update

Miscellaneous

Detections

Analytics

CIS Debian 9 Workstation L2 v1.0.1 Download File

Audit Details

File Details

Audit Changelog

Functional Update

Miscellaneous

Miscellaneous

Functional Update

Miscellaneous

Functional Update

Miscellaneous

Miscellaneous

Miscellaneous

Miscellaneous

Functional Update

Functional Update

Miscellaneous

CIS Debian 9 Workstation L2 v1.0.1