Detections
Analytics

CIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1

Updated: 9/19/2025

Authority: CIS

Plugin: Unix

Revision: 1.28

Estimated Item Count: 230

File Details

Filename: CIS_Ubuntu_20.04_LTS_v2.0.1_L1_Server.audit

Size: 760 kB

MD5: ca10396224d7edb47d293d481eb50628
SHA256: e7935322040b55f6676b5e3c9f3a5507d661db4aa163b196008893b9e81b7661

Audit Changelog

 
Revision 1.28

Sep 19, 2025

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.27

Jun 16, 2025

Functional Update
  • 6.1.5 Ensure permissions on /etc/shadow are configured
Revision 1.26

Apr 7, 2025

Functional Update
  • 2.1.1.1 Ensure a single time synchronization daemon is in use
Revision 1.25

Mar 31, 2025

Functional Update
  • 6.1.6 Ensure permissions on /etc/shadow- are configured
Miscellaneous
  • References updated.
Revision 1.24

Jan 6, 2025

Informational Update
  • 1.1.1.1 Ensure mounting of cramfs filesystems is disabled
  • 1.1.1.2 Ensure mounting of freevxfs filesystems is disabled
  • 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled
  • 1.1.1.4 Ensure mounting of hfs filesystems is disabled
  • 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled
  • 1.1.10 Disable USB Storage
  • 1.8.2 Ensure GDM login banner is configured
  • 1.8.5 Ensure GDM screen locks cannot be overridden
  • 1.8.6 Ensure GDM automatic mounting of removable media is disabled
  • 1.8.7 Ensure GDM disabling automatic mounting of removable media is not overridden
  • 1.8.8 Ensure GDM autorun-never is enabled
  • 1.8.9 Ensure GDM autorun-never is not overridden
  • 2.1.3.1 Ensure systemd-timesyncd configured with authorized timeserver
  • 3.1.2 Ensure wireless interfaces are disabled
  • 4.1.8 Ensure cron is restricted to authorized users
  • 4.1.9 Ensure at is restricted to authorized users
  • 4.2.2 Ensure permissions on SSH private host key files are configured
  • 4.2.3 Ensure permissions on SSH public host key files are configured
  • 4.4.5 Ensure all current passwords uses the configured hashing algorithm
  • 4.5.2 Ensure system accounts are secured
  • 5.1.3 Ensure all logfiles have appropriate access configured
  • 6.1.10 Ensure permissions on /etc/opasswd are configured
  • 6.1.11 Ensure world writable files and directories are secured
  • 6.2.11 Ensure local interactive user home directories are configured
  • 6.2.12 Ensure local interactive user dot files access is configured
Miscellaneous
  • Metadata updated.
Revision 1.23

Dec 27, 2024

Functional Update
  • 1.5.4 Ensure Automatic Error Reporting is not enabled
Revision 1.22

Nov 6, 2024

Functional Update
  • 6.1.11 Ensure world writable files and directories are secured
  • 6.1.12 Ensure no unowned or ungrouped files or directories exist
  • 6.1.13 Ensure SUID and SGID files are reviewed
Revision 1.21

Aug 26, 2024

Functional Update
  • 1.4.3 Ensure authentication required for single user mode
  • 4.5.5 Ensure default user shell timeout is configured
Miscellaneous
  • References updated.
Revision 1.20

Jul 31, 2024

Miscellaneous
  • Variables updated.
Revision 1.19

Jun 17, 2024

Miscellaneous
  • Metadata updated.