Item Search

NameAudit NamePluginCategory
1.1.1.3 Ensure mounting of hfs filesystems is disabled - lsmodCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure mounting of udf filesystems is disabled - lsmodCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.3 Ensure nodev option set on /tmp partitionCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.4 Ensure nosuid option set on /tmp partitionCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.7 Ensure separate partition exists for /var/tmpCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.8 Ensure nodev option set on /var/tmp partitionCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.9 Ensure nosuid option set on /var/tmp partitionCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.2.14 Ensure that the admission control plugin NamespaceLifecycle is setCIS Kubernetes v1.23 Benchmark v1.0.1 L1 MasterUnix

CONFIGURATION MANAGEMENT

1.4.2 Ensure bootloader password is set - password_pbkdf2CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.4.3 Ensure authentication required for single user modeCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.8.3 Ensure last logged in user display is disabled - file-dbCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT

2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L2MDM

CONFIGURATION MANAGEMENT

3.2.1.12 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2MDM

CONFIGURATION MANAGEMENT

3.2.1.12 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2MDM

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmodCIS CentOS 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobeCIS CentOS 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/insmodCIS CentOS 6 Server L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/insmodCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - /sbin/rmmodCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.17 Ensure kernel module loading and unloading is collected - init_moduleCIS Debian 9 Server L2 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.2.2.3 Ensure syslog-ng default file permissions configuredCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.2 Use LockOut RealmsCIS Apache Tomcat 10 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

5.2 Use LockOut RealmsCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

5.2 Use LockOut RealmsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

5.2.19 Ensure SSH warning banner is configuredCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.3.19 Ensure SSH warning banner is configuredCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.3.20 Ensure SSH PAM is enabled - sshd_configCIS CentOS 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.3.20 Ensure SSH PAM is enabled - sshd_configCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.3.22 Ensure SSH MaxStartups is configured - sshd_configCIS CentOS 6 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.3.23 Ensure SSH MaxSessions is limited - sshdCIS CentOS 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

6.2.17 Ensure no duplicate GIDs existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.19 Ensure no duplicate group names existCIS Aliyun Linux 2 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 10 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.1 Starting Tomcat with Security ManagerCIS Apache Tomcat 10 L1 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.2 Disabling auto deployment of applicationsCIS Apache Tomcat 10 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.2 Disabling auto deployment of applicationsCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.3 Disable deploy on startup of applicationsCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.3 Disable deploy on startup of applicationsCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

9.3 Disable deploy on startup of applicationsCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.3 Disable deploy on startup of applicationsCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

10.9 Configure connectionTimeoutCIS Apache Tomcat 10 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.10 Configure connectionTimeoutCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.15 Do not resolve hosts on logging valvesCIS Apache Tomcat 10 L2 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

10.15 Do not resolve hosts on logging valvesCIS Apache Tomcat 9 L2 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

10.16 Do not resolve hosts on logging valvesCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.17 Enable memory leak listener - verify presentCIS Apache Tomcat 8 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.18 Setting Security Lifecycle Listener - check for umask present in startupCIS Apache Tomcat 8 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT

10.18 Setting Security Lifecycle Listener - check for umask uncommented in startupCIS Apache Tomcat 8 L1 v1.1.0Unix

CONFIGURATION MANAGEMENT