Detections
Analytics

CIS Linux Mint 22 v1.0.0 L1 Workstation

Audit Details

Name: CIS Linux Mint 22 v1.0.0 L1 Workstation

Updated: 11/3/2025

Authority: CIS

Plugin: Unix

Revision: 1.1

Estimated Item Count: 184

File Details

Filename: CIS_Linux_Mint_22_v1.0.0_L1_Workstation.audit

Size: 736 kB

MD5: 1757d91855f2c19bca8393c58fb55125
SHA256: ff774564b5c781ce7cebeae60be4392cc7cea9cda76c955a2297486c1b6739eb

Audit Items

DescriptionCategories
1.1.1.1 Ensure cramfs kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure freevxfs kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure hfs kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure hfsplus kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure jffs2 kernel module is not available

CONFIGURATION MANAGEMENT

1.1.1.10 Ensure unused filesystems kernel modules are not available

CONFIGURATION MANAGEMENT

1.1.2.1.1 Ensure /tmp is tmpfs or a separate partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.1.2 Ensure nodev option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.1.3 Ensure nosuid option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.1.4 Ensure noexec option set on /tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.1 Ensure /dev/shm is tmpfs or a separate partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.2 Ensure nodev option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.3 Ensure nosuid option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.4 Ensure noexec option set on /dev/shm partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3.2 Ensure nodev option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.3.3 Ensure nosuid option set on /home partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.2 Ensure nodev option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.3 Ensure nosuid option set on /var partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.2 Ensure nodev option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.3 Ensure nosuid option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.5.4 Ensure noexec option set on /var/tmp partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.2 Ensure nodev option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.3 Ensure nosuid option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.4 Ensure noexec option set on /var/log partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.2 Ensure nodev option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.4 Ensure noexec option set on /var/log/audit partition

ACCESS CONTROL, MEDIA PROTECTION

1.2.1.1 Ensure GPG keys are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.1.2 Ensure package manager repositories are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2.1 Ensure updates, patches, and additional security software are installed

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2.2 Ensure Automatic updates are configured

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.3.1.1 Ensure the apparmor packages are installed

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.2 Ensure AppArmor is enabled in the bootloader configuration

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.3 Ensure all AppArmor Profiles are not disabled

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.4 Ensure all AppArmor Profiles are enforcing

ACCESS CONTROL, MEDIA PROTECTION

1.4.1 Ensure bootloader password is set

ACCESS CONTROL, MEDIA PROTECTION

1.4.2 Ensure access to bootloader config is configured

ACCESS CONTROL, MEDIA PROTECTION

1.5.1 Ensure randomize_va_space is configured

SYSTEM AND INFORMATION INTEGRITY

1.5.2 Ensure ptrace_scope is configured

CONFIGURATION MANAGEMENT

1.5.3 Ensure suid_dumpable is configured

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.5.4 Ensure core file size is configured

ACCESS CONTROL

1.5.5 Ensure prelink is not installed

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

1.5.6 Ensure Automatic Error Reporting is configured

CONFIGURATION MANAGEMENT

1.6.1 Ensure /etc/motd is configured

ACCESS CONTROL

1.6.2 Ensure /etc/issue is configured

ACCESS CONTROL

1.6.3 Ensure /etc/issue.net is configured

ACCESS CONTROL

1.6.4 Ensure access to /etc/motd is configured

ACCESS CONTROL, MEDIA PROTECTION

1.6.5 Ensure access to /etc/issue is configured

ACCESS CONTROL, MEDIA PROTECTION

1.6.6 Ensure access to /etc/issue.net is configured

ACCESS CONTROL, MEDIA PROTECTION

1.7.1 Ensure user list is not displayed

IDENTIFICATION AND AUTHENTICATION