CIS MongoDB 4 L1 OS Linux v1.0.0

Audit Details

Name: CIS MongoDB 4 L1 OS Linux v1.0.0

Updated: 11/4/2022

Authority: CIS

Plugin: Unix

Revision: 1.5

Estimated Item Count: 17

File Details

Filename: CIS_MongoDB_4_Benchmark_Level_1_OS_Linux_v1.0.0.audit

Size: 59.3 kB

MD5: 6f9c2cc42ffe7fdab326d55cfeeb72d6
SHA256: 7e4b2a104adeb6fbebe2fe1e002736aef7dd88d134bc121c998949d2670b4339

Audit Items

DescriptionCategories
2.1 Ensure Authentication is configured

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exception

IDENTIFICATION AND AUTHENTICATION

2.3 Ensure authentication is enabled in the sharded cluster - authenticationMechanisms

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - CAFile

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthMode

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - clusterFile

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile

CONFIGURATION MANAGEMENT

3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account

ACCESS CONTROL

4.2 Ensure Weak Protocols are Disabled

SYSTEM AND COMMUNICATIONS PROTECTION

4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption)

SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Ensure that system activity is audited

AUDIT AND ACCOUNTABILITY

6.1 Ensure that MongoDB uses a non-default port

SYSTEM AND INFORMATION INTEGRITY

7.1 Ensure appropriate key file permissions are set - CAFile

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure appropriate key file permissions are set - keyFile

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure appropriate key file permissions are set - PEMKeyFile

IDENTIFICATION AND AUTHENTICATION

7.2 Ensure appropriate database file permissions are set.

ACCESS CONTROL

CIS_MongoDB_4_Benchmark_Level_1_OS_Linux_v1.0.0.audit from CIS MongoDB 4 Benchmark