1.1 Remove extraneous files and directories - /server/webapps/host-manager.xml | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - /webapps/balancer | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - /webapps/tomcat-docs | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - CATALINA_HOME/server/webapps/manager | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/js-examples | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/webdav | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1.5 Ensure that the --insecure-bind-address argument is not set | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
1.1.6 Ensure that the --insecure-port argument is set to 0 | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
1.1.9 - AirWatch - Disable 'Location Services' - GPS Location Services | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.1.9 - MobileIron - Turn off Auto-Join for all Wi-Fi networks | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.1.10 - AirWatch - Turn Off AirDrop Discoverability | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.1.10 - MobileIron - Turn Off AirDrop Discoverability | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.1.13 - MobileIron - Turn off VPN when not needed | MobileIron - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
1.1.16 - AirWatch - Disable View in Lock Screen for apps when device is locked | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
1.1.17 - MobileIron - Disable 'Unknown sources' - Samsung SAFE | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
1.1.31 Ensure that the --authorization-mode argument is set to Node | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | ACCESS CONTROL |
1.2.3 - AirWatch - Disable Auto Fill for Contact Information | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
2.1.3 Ensure discard services are not enabled - discard-dgram | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.1.4 Ensure echo services are not enabled - echo-stream | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.1.6 Ensure rsh server is not enabled - rlogin | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.1.9 Ensure tftp server is not enabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.1.11 Ensure xinetd is not enabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.2.8 Ensure DNS Server is not enabled | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.2.8 Ensure DNS Server is not enabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
2.4.3 Disable Screen Sharing | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
2.4.3 Disable Screen Sharing | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
2.4.8 Disable File Sharing - SMB | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
3.1.14 Ensure that the --authorization-mode argument is not set to AlwaysAllow | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | ACCESS CONTROL |
3.5.2 Ensure SCTP is disabled (modprobe) | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
3.5.4 Ensure TIPC is disabled (lsmod) | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
4.5 Ensure nfs server is not running | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
4.6 Ensure nfs server is not running | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
5.1.6 Ensure telnet server is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.3.2 Remove mail related ESPs - sybmail.dll | CIS Sybase 15.0 L2 OS Windows v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
5.5 Ensure discard is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.6 Ensure ssh is not run within containers | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
6.4 Ensure DHCP Server is not enabled - isc-dhcp-server6 | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
6.15 Configure Mail Transfer Agent for Local-Only Mode | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
8.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts - InputTCPServerRun - Syslog Server | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
9.10 Check for Presence of User .rhosts Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
9.21 Check for presence of user .forward files - Checks for the presence of .forward files in home directories. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
13.10 Check for Presence of User .rhosts Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
13.10 Check for Presence of User .rhosts Files | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
18.8.37.1 Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.8.37.2 Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
Restrict Unauthenticated RPC clients | MSCT Windows 10 v20H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Restrict Unauthenticated RPC clients | MSCT Windows Server v20H2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Restrict Unauthenticated RPC clients | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |