CIS MySQL 5.7 Windows OS L1 v1.0.0

Audit Details

Name: CIS MySQL 5.7 Windows OS L1 v1.0.0

Updated: 4/25/2022

Authority: CIS

Plugin: Windows

Revision: 1.20

Estimated Item Count: 49

File Details

Filename: CIS_MySQL_5.7_Community_Benchmark_v1.0.0_OS_MS_L1.audit

Size: 93.4 kB

MD5: eb2e8d886a3d632a1a7231ca888c3b4f
SHA256: e5c28ab93d84ec8331640db77dd4dd41b4e3ffed3ff99120369aff68a7bd07d5

Audit Items

DescriptionCategories
1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service

ACCESS CONTROL

1.4 Verify That the MYSQL_PWD Environment Variables Is Not In Use

IDENTIFICATION AND AUTHENTICATION

1.6 Verify That 'MYSQL_PWD' Is Not Set In Users' Profiles

IDENTIFICATION AND AUTHENTICATION

2.1.1 Backup policy in place
2.1.2 Verify backups are good
2.1.3 Secure backup credentials
2.1.4 The backups should be properly secured
2.1.6 Disaster recovery plan
2.1.7 Backup of configuration and related files
2.2 Dedicate Machine Running MySQL
2.3 Do Not Specify Passwords in Command Line
2.4 Do Not Reuse Usernames
3.1 Ensure 'datadir' Has Appropriate Permissions
3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.3 Ensure 'log_error' Has Appropriate Permissions

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.4 Ensure 'slow_query_log' Has Appropriate Permissions

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.6 Ensure 'general_log_file' Has Appropriate Permissions

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

3.7 Ensure SSL Key Files Have Appropriate Permissions
3.8 Ensure Plugin Directory Has Appropriate Permissions
4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - @[email protected]\my.cnf

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - @[email protected]\my.ini

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - %WINDIR%\my.cnf

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - %WINDIR%\my.ini

ACCESS CONTROL

4.5 ensure 'mysqld' is not started with '--skip-grant-tables' - c:\my.cnf

ACCESS CONTROL

4.5 ensure 'mysqld' is not started with '--skip-grant-tables' - c:\my.ini

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - C:\Program Files\MySQL\MySQL Server 5.7\my.cnf

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - C:\Program Files\MySQL\MySQL Server 5.7\my.ini

ACCESS CONTROL

4.5 ensure 'mysqld' is not started with '--skip-grant-tables' - c:\programdata\mysql\mysql server 5.7\my.cnf

ACCESS CONTROL

4.5 ensure 'mysqld' is not started with '--skip-grant-tables' - c:\programdata\mysql\mysql server 5.7\my.ini exists

ACCESS CONTROL

6.5 Ensure 'log-raw' Is Set to 'OFF' - @[email protected]\my.cnf

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - @[email protected]\my.ini

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - %WINDIR%\my.cnf

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - %WINDIR%\my.ini

CONFIGURATION MANAGEMENT

6.5 ensure 'log-raw' is set to 'off' - c:\my.cnf

CONFIGURATION MANAGEMENT

6.5 ensure 'log-raw' is set to 'off' - c:\my.ini

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - C:\Program Files\MySQL\MySQL Server 5.7\my.cnf

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - C:\Program Files\MySQL\MySQL Server 5.7\my.ini

CONFIGURATION MANAGEMENT

6.5 ensure 'log-raw' is set to 'off' - c:\programdata\mysql\mysql server 5.7\my.cnf

CONFIGURATION MANAGEMENT

6.5 ensure 'log-raw' is set to 'off' - c:\programdata\mysql\mysql server 5.7\my.ini exists

CONFIGURATION MANAGEMENT

7.1 Ensure Passwords Are Not Stored in the Global Configuration - %WINDIR%\my.cnf

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure Passwords Are Not Stored in the Global Configuration - %WINDIR%\my.ini

IDENTIFICATION AND AUTHENTICATION

7.1 ensure passwords are not stored in the global configuration - c:\my.ini

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure Passwords Are Not Stored in the Global Configuration - C:\Program Files\MySQL\MySQL Server 5.7\my.cnf

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure Passwords Are Not Stored in the Global Configuration - C:\Program Files\MySQL\MySQL Server 5.7\my.ini

IDENTIFICATION AND AUTHENTICATION

7.1 ensure passwords are not stored in the global configuration - c:\programdata\mysql\mysql server 5.7\my.cnf

IDENTIFICATION AND AUTHENTICATION

7.1 ensure passwords are not stored in the global configuration - c:\programdata\mysql\mysql server 5.7\my.ini

IDENTIFICATION AND AUTHENTICATION

7.1 ensure passwords are not stored in the global configuration -c:\my.ini

IDENTIFICATION AND AUTHENTICATION

MySQL 5.7 Community Edition is installed

CONFIGURATION MANAGEMENT