CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1

Audit Details

Name: CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1

Updated: 5/7/2024

Authority: CIS

Plugin: Unix

Revision: 1.16

Estimated Item Count: 224

File Details

Filename: CIS_Ubuntu_20.04_LTS_v2.0.1_L1_Workstation.audit

Size: 839 kB

MD5: eebdc02d63ce7f09a1c8866264a2654a
SHA256: 5527fc1c790b1728f1b0a23273245abab4fecd219d2e3a01711bb7c92908f7d1

Audit Changelog

 
Revision 1.16

May 7, 2024

Functional Update
  • 2.1.2.1 Ensure chrony is configured with authorized timeserver
  • 2.1.2.2 Ensure chrony is running as user _chrony
  • 2.1.2.3 Ensure chrony is enabled and running
Revision 1.15

Apr 22, 2024

Functional Update
  • 5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host
Revision 1.14

Apr 10, 2024

Functional Update
  • 1.8.2 Ensure GDM login banner is configured
  • 1.8.3 Ensure GDM disable-user-list option is enabled
  • 1.8.4 Ensure GDM screen locks when the user is idle
  • 1.8.5 Ensure GDM screen locks cannot be overridden
  • 1.8.8 Ensure GDM autorun-never is enabled
  • 1.8.9 Ensure GDM autorun-never is not overridden
Revision 1.13

Mar 18, 2024

Functional Update
  • 4.2.2 Ensure permissions on SSH private host key files are configured
  • 4.2.3 Ensure permissions on SSH public host key files are configured
  • 5.1.3 Ensure all logfiles have appropriate access configured
  • 6.1.11 Ensure world writable files and directories are secured
  • 6.1.12 Ensure no unowned or ungrouped files or directories exist
  • 6.1.13 Ensure SUID and SGID files are reviewed
  • 6.2.12 Ensure local interactive user dot files access is configured
Miscellaneous
  • Variables updated.
Revision 1.12

Mar 1, 2024

Functional Update
  • 3.4.1.7 Ensure ufw default deny firewall policy
Revision 1.11

Feb 12, 2024

Functional Update
  • 4.2.20 Ensure SSH LoginGraceTime is set to one minute or less
  • 4.2.5 Ensure SSH LogLevel is appropriate
  • 4.3.1 Ensure sudo is installed
Revision 1.10

Feb 8, 2024

Functional Update
  • 2.4 Ensure nonessential services are removed or masked
  • 3.1.1 Ensure IPv6 status is identified
  • 3.4.1.5 Ensure ufw outbound connections are configured
  • 3.4.2.3 Ensure iptables are flushed with nftables
  • 3.4.2.7 Ensure nftables outbound and established connections are configured
  • 3.4.3.2.3 Ensure iptables outbound and established connections are configured
  • 3.4.3.3.3 Ensure ip6tables outbound and established connections are configured
  • 5.1.1.6 Ensure journald log rotation is configured per site policy
  • 6.1.13 Ensure SUID and SGID files are reviewed
Informational Update
  • 6.1.13 Ensure SUID and SGID files are reviewed
Revision 1.9

Jan 29, 2024

Functional Update
  • 3.1.1 Ensure IPv6 status is identified
  • 4.2.12 Ensure SSH X11 forwarding is disabled
Informational Update
  • 3.1.1 Ensure IPv6 status is identified
Miscellaneous
  • Metadata updated.
Revision 1.8

Jan 3, 2024

Functional Update
  • 2.2.13 Ensure SNMP Server is not installed
Revision 1.7

Dec 27, 2023

Functional Update
  • 5.1.1.1.1 Ensure systemd-journal-remote is installed
  • 5.1.1.1.2 Ensure systemd-journal-remote is configured
  • 5.1.1.1.3 Ensure systemd-journal-remote is enabled
  • 5.1.1.1.4 Ensure journald is not configured to receive logs from a remote client
  • 5.1.1.2 Ensure journald service is enabled
  • 5.1.1.3 Ensure journald is configured to compress large log files
  • 5.1.1.4 Ensure journald is configured to write logfiles to persistent disk
  • 5.1.1.5 Ensure journald is not configured to send logs to rsyslog
  • 5.1.1.6 Ensure journald log rotation is configured per site policy
  • 5.1.1.7 Ensure journald default file permissions configured
  • 5.1.2.1 Ensure rsyslog is installed
  • 5.1.2.2 Ensure rsyslog service is enabled
  • 5.1.2.3 Ensure journald is configured to send logs to rsyslog
  • 5.1.2.4 Ensure rsyslog default file permissions are configured
  • 5.1.2.5 Ensure logging is configured
  • 5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host
  • 5.1.2.7 Ensure rsyslog is not configured to receive logs from a remote client