Detections
Analytics

CIS MariaDB 10.6 on Linux L2 v1.0.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS MariaDB 10.6 on Linux L2 v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.3

Estimated Item Count: 20

File Details

Filename: CIS_MariaDB_10.6_Benchmark_v1.0.0_L2_Linux_OS.audit

Size: 35.4 kB

MD5: 00fc26376ae9c6af4ce4144859386f57
SHA256: 5a32db99c20c610003e15d0114e7962d375b91f860823456d6ac828ad8bb8848

Audit Items

DescriptionCategories
1.3 Disable MariaDB Command History - .mysql_history
1.3 Disable MariaDB Command History - ~/.mysql_history
1.5 Ensure Interactive Login is Disabled
1.7 Ensure MariaDB is Run Under a Sandbox Environment
2.1.5 Point-in-Time Recovery
2.7 Lock Out Accounts if Not Currently in Use
2.8 Ensure Socket Peer-Credential Authentication is Used Appropriately
2.9 Ensure MariaDB is Bound to an IP Address
2.10 Limit Accepted Transport Layer Security (TLS) Versions
2.11 Require Client-Side Certificates (X.509)
2.12 Ensure Only Approved Ciphers are Used
4.3 Ensure 'allow-suspicious-udfs' is Set to 'OFF'
4.8 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES'
4.9 Enable data-at-rest encryption in MariaDB
5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users
6.3 Ensure 'log_warnings' is Set to '2'
6.4 Ensure Audit Logging Is Enabled
6.6 Ensure Binary and Relay Logs are Encrypted
9.4 Ensure only approved ciphers are used for Replication
CIS_MariaDB_10.6_Benchmark_v1.0.0_L2_Linux_OS.audit from CIS MariaDB 10.6 Benchmark