Item Search

NameAudit NamePluginCategory
1.6.1.2 Ensure all AppArmor Profiles are in enforce or complain mode - unconfinedCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing=0CIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux=0CIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

1.6.1.3 Ensure all AppArmor Profiles are enforcing - complainCIS Ubuntu Linux 18.04 LXD Container L2 v1.0.0Unix

ACCESS CONTROL

1.7.1.3 Ensure all AppArmor Profiles are in enforce or complain mode - loadedCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure all AppArmor Profiles are enforcing - complainCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

ACCESS CONTROL

1.7.1.4 Ensure all AppArmor Profiles are enforcing - loadedCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

ACCESS CONTROL

2.2.1.6 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1MDM

ACCESS CONTROL

2.9 Ensure 'Trustworthy' Database Property is set to 'Off'CIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

3.2 Ensure CONNECT permissions on the 'guest user' is Revoked within all SQL Server databases excluding the master, msdb and tempdbCIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

ACCESS CONTROL

3.2.1.18 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.20 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.2.1.22 Ensure 'Require Touch ID / Face ID authentication before AutoFill' is set to 'Enabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.3.1 Ensure 'Managed Safari Web Domains' is `Configured`AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.6.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.8 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.11 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

ACCESS CONTROL

4.5 Restrict access to Tomcat temp directoryCIS Apache Tomcat 8 L1 v1.1.0 MiddlewareUnix

ACCESS CONTROL

5.1.1.1 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Network' PackagesCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' PackagesCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' PackagesCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' TablesCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

5.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0Unix

ACCESS CONTROL

5.1.7 Ensure permissions on /etc/cron.d are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

5.1.8 Ensure at/cron is restricted to authorized users - '/etc/at.allow'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

5.1.8 Ensure at/cron is restricted to authorized users - '/etc/at.deny'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

5.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

5.2.11 Ensure 'ALTER SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.16 Ensure 'GRANT ANY PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.dCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.dCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

ACCESS CONTROL

6.1.1 Audit system file permissionsCIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL

6.1.10 Ensure no world writable files existCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

6.1.14 Audit SGID executablesCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.2.8 Ensure users' home directories permissions are 750 or more restrictiveCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

ACCESS CONTROL

6.2.9 Ensure users own their home directoriesCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL

6.2.20 Ensure shadow group is emptyCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

ACCESS CONTROL