CIS MariaDB 10.6 Database L2 v1.1.0

Name: CIS MariaDB 10.6 Database L2 v1.1.0

Updated: 5/6/2024

Authority: CIS

Plugin: MySQLDB

Revision: 1.0

Estimated Item Count: 16

Filename: CIS_MariaDB_10.6_Benchmark_v1.1.0_L2_Database.audit

Size: 42.9 kB

MD5: 3a384ae8337c65306b732c18b919f80b

SHA256: f0999a53744a4404204d278d5cc8a63e6f4997644e2c42c3075356dbe6c2d482

Description	Categories
1.7 Ensure MariaDB is Run Under a Sandbox Environment	SYSTEM AND COMMUNICATIONS PROTECTION
2.1.5 Point-in-Time Recovery	CONTINGENCY PLANNING
2.7 Lock Out Accounts if Not Currently in Use	ACCESS CONTROL
2.8 Ensure Socket Peer-Credential Authentication is Used Appropriately	CONFIGURATION MANAGEMENT
2.9 Ensure MariaDB is Bound to an IP Address	PLANNING, SYSTEM AND SERVICES ACQUISITION
2.10 Limit Accepted Transport Layer Security (TLS) Versions	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
2.11 Require Client-Side Certificates (X.509)	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.12 Ensure Only Approved Ciphers are Used	SYSTEM AND SERVICES ACQUISITION
4.8 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES'	PLANNING, SYSTEM AND SERVICES ACQUISITION
4.9 Enable data-at-rest encryption in MariaDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users	ACCESS CONTROL
6.3 Ensure 'log_warnings' is Set to '2'	AUDIT AND ACCOUNTABILITY
6.4 Ensure Audit Logging Is Enabled	AUDIT AND ACCOUNTABILITY
6.6 Ensure Binary and Relay Logs are Encrypted	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
9.4 Ensure only approved ciphers are used for Replication	SYSTEM AND SERVICES ACQUISITION
CIS_MariaDB_10.6_Benchmark_v1.1.0_L2_Database.audit from CIS MariaDB 10.6 Benchmark