1.1 Remove extraneous files and directories - /conf/Catalina/localhost/host-manager.xml | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - /webapps/js-examples | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - CATALINA_CONF/conf/Catalina/localhost/manager.xml | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/examples | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1.3.16.1 Configure 'System settings: Optional subsystems' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
1.1.7 Ensure that the --insecure-port argument is set to 0 | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
1.1.8 - MobileIron - Disable 'Bluetooth' | MobileIron - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.1.17 - AirWatch - Disable 'Unknown sources' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
1.1.19 Ensure that the --authorization-mode argument is not set to AlwaysAllow | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | ACCESS CONTROL |
1.2.1 - MobileIron - Disable JavaScript - 'Samsung SAFE' | MobileIron - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.2.2 - AirWatch - Enable 'Show security warnings' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
1.2.2 Ensure that the --address argument is set to 127.0.0.1 | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
1.2.3 - MobileIron - Disable 'Form auto-fill' - 'Samsung SAFE' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | CONFIGURATION MANAGEMENT |
1.2.3.5 Set 'RPC Runtime Unauthenticated Client Restriction to Apply:' to 'Enabled:Authenticated' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
1.2.4 - AirWatch - Disable Auto Fill for Names and Passwords | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.2.9 - AirWatch - Turn On Do Not Track | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.2.9 - AirWatch - Turn On Do Not Track | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.3 Ensure 'directory browsing' is set to disabled | CIS IIS 7 L1 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
2.1.5 Ensure that the --read-only-port argument is set to 0 | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.1.9 Ensure Telnet is disabled | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
2.1.12 Ensure that the --cadvisor-port argument is set to 0 | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.1.13 Ensure that the --cadvisor-port argument is set to 0 | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.2.9 Disable Samba Support - Make sure that /etc/sfw/smb.conf does not exist. Note this check is only applicable for Solaris 10 >= 11/06 | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.16.1 Ensure 'System settings: Optional subsystems' is set to 'Defined: (blank)' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
2.4.8 Disable File Sharing - AppleFileServer | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
3.1.5 Ensure that the --insecure-port argument is set to 0 | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
3.1.5 Ensure that the --insecure-port argument is set to 0 | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
3.2 Restrict Recursive Queries - Authoritative Name Server | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2 Restrict Recursive Queries - Caching Name Server | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.3.4 Prevent execution of expired tasks | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | CONFIGURATION MANAGEMENT |
3.3.4 Prevent execution of expired tasks | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | CONFIGURATION MANAGEMENT |
4.3 Enable Debug Level Daemon Logging/4.4 Capture syslog AUTH Messages - Check if svc:/system/system-log is online | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
5.1.4 Ensure talk server is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.3 Ensure daytime is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.4 Ensure echo is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.7 Ensure privileged ports are not mapped within containers | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
6.2.11 Ensure no users have .forward files | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
8.4 Disable the HTTP Statistics Server | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
8.4 Disable the HTTP Statistics Server | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
8.5 Remove default databases | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | CONFIGURATION MANAGEMENT |
8.5 Remove default databases | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | CONFIGURATION MANAGEMENT |
9.2 Remove Unused Schemas | CIS IBM DB2 v10 v1.1.0 Database Level 1 | IBM_DB2DB | CONFIGURATION MANAGEMENT |
9.4 Remove Default Databases | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
9.4 Remove Default Databases | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
9.4 Remove Default Databases | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | CONFIGURATION MANAGEMENT |
9.10 Check for Presence of User .rhosts Files | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
9.21 Check for Presence of User .forward Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
Huawei: Disable FTP IPV4 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
Huawei: Disable FTP IPV6 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
Huawei: Disable Telnet on IPV6 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |