CIS Oracle Linux 8 Workstation L2 v1.0.1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Oracle Linux 8 Workstation L2 v1.0.1

Updated: 9/30/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.5

Estimated Item Count: 135

Audit Items

Description	Categories
1.1.1.2 Ensure mounting of vFAT filesystems is limited - lsmod
1.1.1.2 Ensure mounting of vFAT filesystems is limited - modprobe
1.1.6 Ensure separate partition exists for /var
1.1.7 Ensure separate partition exists for /var/tmp
1.1.11 Ensure separate partition exists for /var/log
1.1.12 Ensure separate partition exists for /var/log/audit
1.1.13 Ensure separate partition exists for /home
1.1.22 Disable Automounting
1.1.23 Disable USB Storage - lsmod
1.1.23 Disable USB Storage - modprobe
1.7.1.1 Ensure SELinux is installed
1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing = 0
1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux = 0
1.7.1.3 Ensure SELinux policy is configured
1.7.1.4 Ensure the SELinux state is enforcing
1.7.1.5 Ensure no unconfined services exist
1.7.1.7 Ensure the MCS Translation Service (mcstrans) is not installed
1.11 Ensure system-wide crypto policy is FUTURE or FIPS
2.2.16 Ensure CUPS is not enabled
3.3.1 Ensure DCCP is disabled - lsmod
3.3.1 Ensure DCCP is disabled - modprobe
3.3.2 Ensure SCTP is disabled - lsmod
3.3.2 Ensure SCTP is disabled - modprobe
3.3.3 Ensure RDS is disabled - lsmod
3.3.3 Ensure RDS is disabled - modprobe
3.3.4 Ensure TIPC is disabled - lsmod
3.3.4 Ensure TIPC is disabled - modprobe
3.5 Ensure wireless interfaces are disabled
3.6 Disable IPv6
4.1.1.1 Ensure auditd is installed - audit
4.1.1.1 Ensure auditd is installed - audit-libs
4.1.1.2 Ensure auditd service is enabled
4.1.1.3 Ensure auditing for processes that start prior to auditd is enabled
4.1.1.4 Ensure audit_backlog_limit is sufficient
4.1.2.1 Ensure audit log storage size is configured
4.1.2.2 Ensure audit logs are not automatically deleted
4.1.2.3 Ensure system is disabled when audit logs are full - action_mail_acct
4.1.2.3 Ensure system is disabled when audit logs are full - admin_space_left_action
4.1.2.3 Ensure system is disabled when audit logs are full - space_left_action
4.1.3 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers
4.1.3 Ensure changes to system administration scope (sudoers) is collected - auditctl sudoers.d
4.1.3 Ensure changes to system administration scope (sudoers) is collected - sudoers
4.1.3 Ensure changes to system administration scope (sudoers) is collected - sudoers.d
4.1.4 Ensure login and logout events are collected - auditctl faillock
4.1.4 Ensure login and logout events are collected - auditctl lastlog
4.1.4 Ensure login and logout events are collected - faillock
4.1.4 Ensure login and logout events are collected - lastlog
4.1.5 Ensure session initiation information is collected - auditctl btmp
4.1.5 Ensure session initiation information is collected - auditctl utmp
4.1.5 Ensure session initiation information is collected - auditctl wtmp

Detections

Analytics

CIS Oracle Linux 8 Workstation L2 v1.0.1

Warning! Audit Deprecated

Audit Details

Audit Items