2.1 Ensure Authentication is configured | IDENTIFICATION AND AUTHENTICATION |
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | IDENTIFICATION AND AUTHENTICATION |
2.3 Ensure authentication is enabled in the sharded cluster - authenticationMechanisms | CONFIGURATION MANAGEMENT |
2.3 Ensure authentication is enabled in the sharded cluster - CAFile | CONFIGURATION MANAGEMENT |
2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthMode | CONFIGURATION MANAGEMENT |
2.3 Ensure authentication is enabled in the sharded cluster - clusterFile | CONFIGURATION MANAGEMENT |
2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile | CONFIGURATION MANAGEMENT |
3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | ACCESS CONTROL |
4.2 Ensure Weak Protocols are Disabled | SYSTEM AND COMMUNICATIONS PROTECTION |
4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | SYSTEM AND COMMUNICATIONS PROTECTION |
5.1 Ensure that system activity is audited | AUDIT AND ACCOUNTABILITY |
6.1 Ensure that MongoDB uses a non-default port | SYSTEM AND INFORMATION INTEGRITY |
7.1 Ensure appropriate key file permissions are set | IDENTIFICATION AND AUTHENTICATION |
7.2 Ensure appropriate database file permissions are set. | ACCESS CONTROL |
CIS_MongoDB_4_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB 4 Benchmark | |