1.1.1 Ensure a separate partition for containers has been created | SYSTEM AND COMMUNICATIONS PROTECTION |
1.1.2 Ensure only trusted users are allowed to control Docker daemon | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
1.1.3 Ensure auditing is configured for the Docker daemon | AUDIT AND ACCOUNTABILITY |
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/docker | AUDIT AND ACCOUNTABILITY |
1.1.7 Ensure auditing is configured for Docker files and directories - docker.service | AUDIT AND ACCOUNTABILITY |
1.1.8 Ensure auditing is configured for Docker files and directories - containerd.sock | AUDIT AND ACCOUNTABILITY |
1.1.9 Ensure auditing is configured for Docker files and directories - docker.socket | AUDIT AND ACCOUNTABILITY |
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/docker | AUDIT AND ACCOUNTABILITY |
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json | AUDIT AND ACCOUNTABILITY |
1.1.12 Ensure auditing is configured for Docker files and directories - /etc/containerd/config.toml | AUDIT AND ACCOUNTABILITY |
1.1.13 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/docker | AUDIT AND ACCOUNTABILITY |
1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd | AUDIT AND ACCOUNTABILITY |
1.1.15 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim | AUDIT AND ACCOUNTABILITY |
1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1 | AUDIT AND ACCOUNTABILITY |
1.1.17 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v2 | AUDIT AND ACCOUNTABILITY |
1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runc | AUDIT AND ACCOUNTABILITY |
1.2.1 Ensure the container host has been Hardened | CONFIGURATION MANAGEMENT |
1.2.2 Ensure that the version of Docker is up to date | SYSTEM AND INFORMATION INTEGRITY |
6.1 Ensure that image sprawl is avoided | PLANNING, SYSTEM AND SERVICES ACQUISITION |
6.2 Ensure that container sprawl is avoided | SYSTEM AND COMMUNICATIONS PROTECTION |
CIS_Docker_v1.5.0_L1_Linux_Host_OS.audit from CIS Docker Benchmark v1.5.0 | |