CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0

Audit Details

Name: CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0

Updated: 4/25/2022

Authority: CIS

Plugin: Unix

Revision: 1.11

Estimated Item Count: 134

File Details

Filename: CIS_Ubuntu_14.04_LTS_Workstation_v2.1.0_L2.audit

Size: 291 kB

MD5: 29756fe30cb9a0da4b31678026804920
SHA256: f1f8d0e47c19cfb43b80b1b6400d9b3aaff04317a0a684941b10c56ac3e4285c

Audit Changelog

 
Revision 1.11

Apr 25, 2022

Miscellaneous
  • References updated.
Revision 1.10

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • References updated.
Revision 1.9

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.8

Oct 5, 2020

Functional Update
  • 1.1.21 Disable Automounting
  • 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration
  • 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - 'enforcing'
  • 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration -'selinux'
  • 1.6.1.2 Ensure the SELinux state is enforcing
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'Current mode'
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'Mode from config file'
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'
  • 1.6.1.2 Ensure the SELinux state is enforcing - 'SELinux status'
  • 1.6.1.3 Ensure SELinux policy is configured
  • 1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'
  • 1.6.1.3 Ensure SELinux policy is configured - 'SELINUXTYPE'
  • 1.6.1.4 Ensure no unconfined daemons exist
  • 1.6.2.1 Ensure AppArmor is not disabled in bootloader configuration
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'complian mode'
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'profiles loaded'
  • 1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'unconfined processes'
  • 1.6.3 Ensure SELinux or AppArmor are installed
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chmod (64-bit)'
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl chown (64-bit)'
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'auditctl setxattr (64-bit)'
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'chmod' (64-bit)
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'chown' (64-bit)
  • 4.1.10 Ensure discretionary access control permission modification events are collected - 'setxattr' (64-bit)
  • 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EACCES' (64-bit)
  • 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - 'EPERM' (64-bit)
  • 4.1.13 Ensure successful file system mounts are collected - 'auditctl mounts (64-bit)'
  • 4.1.13 Ensure successful file system mounts are collected - 'mount' (64-bit)
  • 4.1.14 Ensure file deletion events by users are collected (64-bit)
  • 4.1.14 Ensure file deletion events by users are collected - auditctl delete (64-bit)
  • 4.1.17 Ensure kernel module loading and unloading is collected - '32bit'
  • 4.1.17 Ensure kernel module loading and unloading is collected - '64bit'
  • 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl 32-bit'
  • 4.1.17 Ensure kernel module loading and unloading is collected - 'auditctl 64-bit'
  • 4.1.4 Ensure events that modify date and time information are collected - 'adjtimex - 64bit'
  • 4.1.4 Ensure events that modify date and time information are collected - 'auditctl adjtimex (64-bit)'
  • 4.1.4 Ensure events that modify date and time information are collected - 'auditctl clock_settime (64-bit)'
  • 4.1.4 Ensure events that modify date and time information are collected - 'clock_settime - 64bit'
  • 4.1.6 Ensure events that modify the system's network environment are collected - 'auditctl sethostname/setdomainname (64-bit)'
  • 4.1.6 Ensure events that modify the system's network environment are collected - 'sethostname/setdomainname' (64-bit)
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor.d/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/apparmor/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/etc/selinux/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - '/usr/share/selinux/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor.d/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/apparmor/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /etc/selinux/'
  • 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - 'auditctl /usr/share/selinux/'
Miscellaneous
  • Platform check updated.
Revision 1.7

Sep 29, 2020

Miscellaneous
  • References updated.
Revision 1.6

Jul 14, 2020

Miscellaneous
  • Metadata updated.
Revision 1.5

Apr 22, 2020

Added
  • 2.2.4 Ensure CUPS is not enabled
  • 3.7 Ensure wireless interfaces are disabled
  • 4.1.2 Ensure auditd service is enabled
Removed
  • 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd
  • 6.2.3 Ensure no legacy '+' entries exist in /etc/shadow
  • 6.2.4 Ensure no legacy '+' entries exist in /etc/group
Revision 1.4

Apr 17, 2020

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.3

Feb 7, 2019

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Dec 13, 2018

Miscellaneous
  • References updated.