CIS Docker v1.7.0 L2 Docker - Linux

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Docker v1.7.0 L2 Docker - Linux

Updated: 9/24/2025

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 32

File Details

Filename: CIS_Docker_v1.7.0_L2_Docker_Linux.audit

Size: 62.4 kB

MD5: 7df7292671653db19f48d3c16e920176
SHA256: b8b72acd13b23cdabf4aaf6f36a99df69d73d6c69e1e3992406678a02ff9d15f

Audit Items

Description    Categories
1.1.7 Ensure auditing is configured for Docker files and directories - docker.service
1.1.8 Ensure auditing is configured for Docker files and directories - containerd.sock
1.1.9 Ensure auditing is configured for Docker files and directories - docker.sock
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/docker
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json
1.1.12 Ensure auditing is configured for Docker files and directories - /etc/containerd/config.toml
1.1.13 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/docker
1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd
1.1.15 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim
1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1
1.1.17 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v2
1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runc
2.9 Enable user namespace support
2.10 Ensure the default cgroup usage has been confirmed
2.11 Ensure base device size is not changed until needed
2.12 Ensure that authorization for Docker client commands is enabled
2.13 Ensure centralized and remote logging is configured
2.17 Ensure that a daemon-wide custom seccomp profile is applied if appropriate
3.17 Ensure that the daemon.json file ownership is set to root:root
3.18 Ensure that daemon.json file permissions are set to 644 or more restrictive
3.19 Ensure that the /etc/default/docker file ownership is set to root:root
3.20 Ensure that the /etc/default/docker file permissions are set to 644 or more restrictively
3.21 Ensure that the /etc/sysconfig/docker file permissions are set to 644 or more restrictively
3.22 Ensure that the /etc/sysconfig/docker file ownership is set to root:root
4.5 Ensure Content trust for Docker is Enabled
4.8 Ensure setuid and setgid permissions are removed
4.11 Ensure only verified packages are installed
5.3 Ensure that, if applicable, SELinux security options are set
5.23 Ensure that docker exec commands are not used with the privileged option
5.24 Ensure that docker exec commands are not used with the user=root option
5.30 Ensure that Docker's default bridge "docker0" is not used
CIS_Docker_v1.7.0_L2_Docker_-_Linux.audit from CIS Docker Benchmark v1.7.0