1.1.1.3 Ensure mounting of hfs filesystems is disabled - lsmod | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.1.5 Ensure mounting of udf filesystems is disabled - lsmod | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.3 Ensure nodev option set on /tmp partition | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.4 Ensure nosuid option set on /tmp partition | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.7 Ensure separate partition exists for /var/tmp | CIS Debian 9 Server L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.8 Ensure nodev option set on /var/tmp partition | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.1.9 Ensure nosuid option set on /var/tmp partition | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.2.14 Ensure that the admission control plugin NamespaceLifecycle is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | CONFIGURATION MANAGEMENT |
1.4.2 Ensure bootloader password is set - password_pbkdf2 | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.4.3 Ensure authentication required for single user mode | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
1.8.3 Ensure last logged in user display is disabled - file-db | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L2 | MDM | CONFIGURATION MANAGEMENT |
2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L2 | MDM | CONFIGURATION MANAGEMENT |
3.2.1.12 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
3.2.1.12 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/insmod | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
4.1.17 Ensure kernel module loading and unloading is collected - /sbin/insmod | CIS Debian 9 Server L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
4.1.17 Ensure kernel module loading and unloading is collected - /sbin/rmmod | CIS Debian 9 Server L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
4.1.17 Ensure kernel module loading and unloading is collected - init_module | CIS Debian 9 Server L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
4.2.2.3 Ensure syslog-ng default file permissions configured | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
5.2 Use LockOut Realms | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
5.2 Use LockOut Realms | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
5.2 Use LockOut Realms | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
5.2.19 Ensure SSH warning banner is configured | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
5.3.19 Ensure SSH warning banner is configured | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.3.20 Ensure SSH PAM is enabled - sshd_config | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.3.20 Ensure SSH PAM is enabled - sshd_config | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.3.23 Ensure SSH MaxSessions is limited - sshd | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
6.2.17 Ensure no duplicate GIDs exist | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
6.2.19 Ensure no duplicate group names exist | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
9.2 Disabling auto deployment of applications | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
9.2 Disabling auto deployment of applications | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
9.3 Disable deploy on startup of applications | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
9.3 Disable deploy on startup of applications | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
9.3 Disable deploy on startup of applications | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
9.3 Disable deploy on startup of applications | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
10.9 Configure connectionTimeout | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
10.9 Configure connectionTimeout | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
10.10 Configure connectionTimeout | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
10.15 Do not resolve hosts on logging valves | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
10.15 Do not resolve hosts on logging valves | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
10.16 Do not resolve hosts on logging valves | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
10.17 Enable memory leak listener - verify present | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
10.18 Setting Security Lifecycle Listener - check for umask present in startup | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
10.18 Setting Security Lifecycle Listener - check for umask uncommented in startup | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |