CIS Docker 1.11.0 v1.0.0 L1 Linux

Audit Details

Name: CIS Docker 1.11.0 v1.0.0 L1 Linux

Updated: 11/28/2023

Authority: CIS

Plugin: Unix

Revision: 1.19

Estimated Item Count: 21

File Details

Filename: CIS_Docker_1.11.0_v1.0.0_L1_Linux.audit

Size: 41.2 kB

MD5: 2f091aa16dbba9c03e3546cba5899556
SHA256: 3b2cdffd617aff69fcd07d5762590731b5e59301bf4c7f9fc819fd5645a0df02

Audit Items

| Description | Categories |
| --- | --- |
| 1.1 Create a separate partition for containers | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2 Use the updated Linux Kernel | SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Harden the container host | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - DPKG | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - RPM | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - Running Processes | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - Sockets | CONFIGURATION MANAGEMENT |
| 1.5 Keep Docker up to date | SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Only allow trusted users to control Docker daemon | ACCESS CONTROL |
| 1.7 Audit docker daemon | AUDIT AND ACCOUNTABILITY |
| 1.8 Audit Docker files and directories - /var/lib/docker | AUDIT AND ACCOUNTABILITY |
| 1.9 Audit Docker files and directories - /etc/docker | AUDIT AND ACCOUNTABILITY |
| 1.10 Audit Docker files and directories - docker.service | AUDIT AND ACCOUNTABILITY |
| 1.11 Audit Docker files and directories - docker.socket | AUDIT AND ACCOUNTABILITY |
| 1.12 Audit Docker files and directories - /etc/default/docker | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | AUDIT AND ACCOUNTABILITY |
| 1.14 Audit Docker files and directories - /usr/bin/docker-containerd | AUDIT AND ACCOUNTABILITY |
| 1.15 Audit Docker files and directories - /usr/bin/docker-runc | AUDIT AND ACCOUNTABILITY |
| 6.4 Avoid image sprawl | CONFIGURATION MANAGEMENT |
| 6.5 Avoid container sprawl | SYSTEM AND INFORMATION INTEGRITY |

CIS_Docker_1.11.0_v1.0.0_L1_Linux.audit Level 1 Linux