CIS Docker 1.6 v1.0.0 L1 Linux

Audit Details

Name: CIS Docker 1.6 v1.0.0 L1 Linux

Updated: 4/25/2022

Authority: CIS

Plugin: Unix

Revision: 1.22

Estimated Item Count: 24

File Details

Filename: CIS_Docker_1.6_v1.0.0_L1_Linux.audit

Size: 45.3 kB

MD5: a84f05fee0df44d7cefeb8fd1a6aa98e
SHA256: f55f0a6ab209752f19523fc70bb59e26e639a1245c4d7af61297a437fcfb116a

Audit Items

Description / Categories
1.1 Create a separate partition for containers
1.2 Use the updated Linux Kernel

SYSTEM AND INFORMATION INTEGRITY

1.3 Do not use development tools in production
1.4 Harden the container host
1.5 Remove all non-essential services from the host - DPKG

CONFIGURATION MANAGEMENT

1.5 Remove all non-essential services from the host - RPM

CONFIGURATION MANAGEMENT

1.5 Remove all non-essential services from the host - running processes

CONFIGURATION MANAGEMENT

1.5 Remove all non-essential services from the host - sockets

CONFIGURATION MANAGEMENT

1.6 Keep Docker up to date

SYSTEM AND INFORMATION INTEGRITY

1.7 Only allow trusted users to control Docker daemon

ACCESS CONTROL

1.8 Audit docker daemon

AUDIT AND ACCOUNTABILITY

1.9 Audit Docker files and directories - /var/lib/docker

AUDIT AND ACCOUNTABILITY

1.10 Audit Docker files and directories - /etc/docker

AUDIT AND ACCOUNTABILITY

1.11 Audit Docker files and directories - docker-registry.service

AUDIT AND ACCOUNTABILITY

1.12 Audit Docker files and directories - docker.service

AUDIT AND ACCOUNTABILITY

1.13 Audit Docker files and directories - /var/run/docker.sock

AUDIT AND ACCOUNTABILITY

1.14 Audit Docker files and directories - /etc/sysconfig/docker

AUDIT AND ACCOUNTABILITY

1.15 Audit Docker files and directories - /etc/sysconfig/docker-network

AUDIT AND ACCOUNTABILITY

1.16 Audit Docker files and directories - /etc/sysconfig/docker-registry

AUDIT AND ACCOUNTABILITY

1.17 Audit Docker files and directories - /etc/sysconfig/docker-storage

AUDIT AND ACCOUNTABILITY

1.18 Audit Docker files and directories - /etc/default/docker

AUDIT AND ACCOUNTABILITY

6.6 Avoid image sprawl

CONFIGURATION MANAGEMENT

6.7 Avoid container sprawl

SYSTEM AND INFORMATION INTEGRITY

CIS_Docker_1.6_v1.0.0_L1_Linux.audit Level 1 Linux