Item Search

Name	Audit Name	Plugin	Category
1.0.1 Install the latest Fixpak	CIS IBM DB2 OS L2 v1.2.0	Unix	SYSTEM AND INFORMATION INTEGRITY
3.1.2 Encrypt user data across the network - 'authentication = Data_Encrypt'	CIS IBM DB2 OS L2 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.4 Disable data links support - 'datalinks = no'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.1.7 Set diagnostic logging to capture errors and warnings - 'diaglevel = 3 or 4'	CIS IBM DB2 OS L2 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.1.11 Authenticate federated users at the instance level - 'fed_noauth = no'	CIS IBM DB2 OS L2 v1.2.0	Unix	ACCESS CONTROL
3.1.12 Enable instance health monitoring - 'health_mon = on'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.1.13 Retain fenced model processes - 'keepfenced = no'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.1.14 Set maximum connection limits - 'max_connections <= 100'	CIS IBM DB2 OS L2 v1.2.0	Unix	ACCESS CONTROL
3.1.14 Set maximum connection limits - 'max_coordagents <= 100'	CIS IBM DB2 OS L2 v1.2.0	Unix	ACCESS CONTROL
3.2.2 Auto-restart after abnormal termination - 'autorestart = on'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.2.11 Establish retention set size for backups - 'num_db_backups <= 100'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONTINGENCY PLANNING, SYSTEM AND INFORMATION INTEGRITY
3.3.2 Set a generic system name - 'db2system value'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Disable DAS discoverability - 'discover = disable'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.3.4 Do not execute expired tasks - 'exec_exp_task = no'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.3.6 Secure the JDK 64-bit runtime library - 'jdk_64_path value'	CIS IBM DB2 OS L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
3.8 Ensure Windows BUILTIN groups are not SQL Logins	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0	MS_SQLDB	ACCESS CONTROL
4.0.1 Enforce Label-Based Access Controls Implementation	CIS IBM DB2 OS L2 v1.2.0	Unix
5.0.1 Enable Backup Redundancy	CIS IBM DB2 OS L2 v1.2.0	Unix
7.0.1 Establish an administrator group - 'sysadm_group value'	CIS IBM DB2 OS L2 v1.2.0	Unix	ACCESS CONTROL
7.0.3 Establish system maintenance group - 'sysmaint_group users'	CIS IBM DB2 OS L1 v1.2.0	Unix	ACCESS CONTROL
8.0.1 Start and Stop DB2 Instance	CIS IBM DB2 OS L1 v1.2.0	Unix
8.0.7 Secure the permission of the IBMLDAPSecurity.ini file	CIS IBM DB2 OS L2 v1.2.0	Unix
9.0.3 Secure DB2 Health Monitor Utility	CIS IBM DB2 OS L1 v1.2.0	Unix
18.9.11.1.9 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.3 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Allow data recovery agent' is set to 'Enabled: False'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.4 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Recovery Password' is set to 'Enabled: Require 48-digit recovery password'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.11 (BL) Ensure 'Configure minimum PIN length for startup' is set to 'Enabled: 7 or more characters'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	CONFIGURATION MANAGEMENT
18.9.11.2.15 Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.9 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.14 Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.9 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.13 (BL) Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.13 (BL) Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.13 (BL) Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.13 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.8 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Save BitLocker recovery information to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.10 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.10 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.13 (BL) Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
CIS MS Office Outlook 2010 v1.0.0.audit for MS Outlook 06-28-2013	CIS MS Office Outlook 2010 v1.0.0	Windows
CIS_Apple_macOS_13.0_Ventura_Cloud-tailored_v1.1.0_L1.audit from CIS Apple macOS 13.0 Ventura Cloud-tailored Benchmark v1.1.0	CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1	Unix
CIS_Apple_macOS_14.0_Sonoma_Cloud-tailored_v1.1.0_L2.audit from CIS Apple macOS 14.0 Sonoma Cloud-tailored Benchmark v1.1.0	CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2	Unix

Detections

Analytics

Item Search