Item Search

NameAudit NamePluginCategory
1.1.1.6 Ensure squashfs kernel module is not availableCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure udf kernel module is not availableCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure udf kernel module is not availableCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.1.8 Ensure usb-storage kernel module is not availableCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

MEDIA PROTECTION

1.1.2.3.1 Ensure separate partition exists for /homeCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.1 Ensure separate partition exists for /varCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.1 Ensure separate partition exists for /varCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.1 Ensure separate partition exists for /var/logCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.1.2.7.1 Ensure separate partition exists for /var/log/auditCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

1.7.6 Ensure GDM automatic mounting of removable media is disabledCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

MEDIA PROTECTION

1.8.7 Ensure GDM disabling automatic mounting of removable media is not overriddenCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

MEDIA PROTECTION

2.1.1 Ensure autofs services are not in useCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

MEDIA PROTECTION

2.1.1 Ensure autofs services are not in useCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

MEDIA PROTECTION

2.1.1 Ensure autofs services are not in useCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

MEDIA PROTECTION

3.1.3 Ensure bluetooth services are not in useCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

3.2.1 Ensure dccp kernel module is not availableCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

3.2.2 Ensure tipc kernel module is not availableCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

3.2.4 Ensure sctp kernel module is not availableCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

4.1.5 Ensure events that modify the system's network environment are collected - rules.d sethostname setdomainname 32-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlogCIS Red Hat 6 Workstation L2 v3.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmpCIS Red Hat 6 Workstation L2 v3.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmpCIS Red Hat 6 Workstation L2 v3.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmpCIS Red Hat 6 Workstation L2 v3.0.0Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.9 Ensure discretionary access control permission modification events are collected - rules.d chown 64-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

4.1.9 Ensure discretionary access control permission modification events are collected - rules.d setxattr 32-bitCIS Red Hat 6 Workstation L2 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.2.2.1 Ensure audit log storage size is configuredCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.7 Ensure unsuccessful file access attempts are collectedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recordedCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.2 Ensure audit log files are mode 0640 or less permissiveCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.4 Ensure only authorized groups are assigned ownership of audit log filesCIS Oracle Linux 7 v4.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.4.1.2 Ensure minimum password days is configuredCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.3.1 Ensure nologin is not listed in /etc/shellsCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

CONFIGURATION MANAGEMENT

6.3.1.1 Ensure auditd packages are installedCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.1.2 Ensure auditing for processes that start prior to auditd is enabledCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.2.1 Ensure audit log storage size is configuredCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.2.2 Ensure audit logs are not automatically deletedCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.2.3 Ensure system is disabled when audit logs are fullCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.2.4 Ensure system warns when audit logs are low on spaceCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.4 Ensure events that modify date and time information are collectedCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.11 Ensure session initiation information is collectedCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.14 Ensure events that modify the system's Mandatory Access Controls are collectedCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collectedCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.20 Ensure the audit configuration is immutableCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.3.3.21 Ensure the running and on disk configuration is the sameCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.4.1 Ensure the audit log file directory mode is configuredCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.4 Ensure audit log files group owner is configuredCIS Rocky Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.6 Ensure audit configuration files owner is configuredCIS Oracle Linux 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.10 Ensure audit tools group owner is configuredCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION