CIS PostgreSQL 9.5 OS v1.1.0

Audit Details

Name: CIS PostgreSQL 9.5 OS v1.1.0

Updated: 1/4/2023

Authority: CIS

Plugin: Unix

Revision: 1.8

Estimated Item Count: 19

File Details

Filename: CIS_PostgreSQL_9.5_v1.1.0_L1_OS_Linux.audit

Size: 73.7 kB

MD5: f935b3ffc652afcf29c18ff2744f3aa8
SHA256: 7dd7c75406b196b78f3b53a4b73b912efabff9f4dca4e887628677f1e1bb5b67

Audit Items

DescriptionCategories
1.1 Ensure packages are obtained from authorized repositories

CONFIGURATION MANAGEMENT

1.2 Ensure Installation of Binary Packages

CONFIGURATION MANAGEMENT

1.3 Ensure Installation of Community Packages

SYSTEM AND INFORMATION INTEGRITY

1.4 Ensure Service Runlevel Is Registered And Set Correctly

SYSTEM AND SERVICES ACQUISITION

1.5 Ensure Data Cluster Initialized Successfully

ACCESS CONTROL

2.1 Ensure the file permissions mask is correct

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/groups

ACCESS CONTROL

2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd

ACCESS CONTROL

4.1 Ensure sudo is configured correctly

ACCESS CONTROL

4.2 Ensure valid public keys are installed

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure excessive administrative privileges are revoked

ACCESS CONTROL

5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly

IDENTIFICATION AND AUTHENTICATION

5.2 Ensure login via 'host' TCP/IP Socket is configured correctly

SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version

SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure WAL archiving is configured and functional - archive_mode

SYSTEM AND COMMUNICATIONS PROTECTION

7.4 Ensure WAL archiving is configured and functional- archive_command

SYSTEM AND COMMUNICATIONS PROTECTION

8.3 Ensure the backup and restore tool, 'pgBackRest', is installed and configured

CONTINGENCY PLANNING