Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure 'Logon Password' is set	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	IDENTIFICATION AND AUTHENTICATION
1.1.4 Ensure 'Password Recovery' is disabled	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
1.4.1.2 Ensure 'Emergency' account is set	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
1.4.3.4 Ensure 'aaa authentication ssh console' is configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.4.4.1 Ensure 'aaa command authorization' is configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.4.5.2 Ensure 'aaa accounting for SSH' is configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.4.5.3 Ensure 'aaa accounting for EXEC mode' is configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.6.4 Ensure 'SCP protocol' is set to Enable for files transfers	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, MAINTENANCE
1.10.6 Ensure 'logging with timestamps' is enabled	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	AUDIT AND ACCOUNTABILITY
1.10.7 Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb)	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	AUDIT AND ACCOUNTABILITY
1.11.1 Ensure 'snmp-server group' is set to 'v3 priv'	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
1.11.2 Ensure 'snmp-server user' is set to 'v3 auth SHA'	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
1.11.4 Ensure 'SNMP traps' is enabled	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
2.1.1.1.2 Set the 'ip domain-name'	CIS Cisco IOS 15 L1 v4.1.1	Cisco	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
2.1.3 Ensure 'BGP authentication' is enabled	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2 Ensure 'noproxyarp' is enabled for untrusted interfaces	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.1.1 Set 'ntp authenticate'	CIS Cisco IOS 15 L2 v4.1.1	Cisco	AUDIT AND ACCOUNTABILITY
3.4 Ensure non-default application inspection is configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, MAINTENANCE, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.7 Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.9 Ensure Botnet protection is enabled for untrusted interfaces	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.10 Ensure ActiveX filtering is enabled	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.13 Ensure VPN traffic goes through the relevant ACL	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT
CIS_Cisco_IOS_15_v4.1.1_Level_1.audit from CIS Cisco IOS 15 Benchmark	CIS Cisco IOS 15 L1 v4.1.1	Cisco
CISC-RT-000235 - The Cisco router must be configured to have Cisco Express Forwarding enabled.	DISA Cisco IOS XR Router RTR STIG v3r2	Cisco	CONFIGURATION MANAGEMENT
CISC-RT-000235 - The Cisco router must be configured to have Cisco Express Forwarding enabled.	DISA Cisco IOS Router RTR STIG v3r3	Cisco	CONFIGURATION MANAGEMENT
CISC-RT-000235 - The Cisco switch must be configured to have Cisco Express Forwarding enabled.	DISA STIG Cisco IOS Switch RTR v3r1	Cisco	CONFIGURATION MANAGEMENT
CISC-RT-000235 - The Cisco switch must be configured to have Cisco Express Forwarding enabled.	DISA STIG Cisco IOS XE Switch RTR v3r1	Cisco	CONFIGURATION MANAGEMENT
FGFW-ND-000005 - The FortiGate device must automatically audit account creation	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	ACCESS CONTROL
FGFW-ND-000075 - The FortiGate device must generate audit records when successful/unsuccessful logon attempts occur	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000080 - The FortiGate device must generate audit records for privileged activities or other system-level access	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000085 - The FortiGate device must generate audit records showing starting and ending time for administrator access to the system	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000095 - The FortiGate device must generate audit records containing information that establishes the identity of any individual or process associated with the event.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000110 - The FortiGate device must off-load audit records on to a different system or media than the system being audited.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000125 - The FortiGate device must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000130 - The FortiGate device must protect audit information from unauthorized deletion.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000140 - The FortiGate device must protect audit tools from unauthorized modification.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	AUDIT AND ACCOUNTABILITY
FGFW-ND-000150 - The FortiGate device must enforce access restrictions associated with changes to device configuration.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	CONFIGURATION MANAGEMENT
FGFW-ND-000230 - The FortiGate device must enforce password complexity by requiring that at least one lowercase character be used.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	IDENTIFICATION AND AUTHENTICATION
FGFW-ND-000235 - The FortiGate device must enforce password complexity by requiring at least one numeric character be used.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	IDENTIFICATION AND AUTHENTICATION
FGFW-ND-000245 - The FortiGate device must use LDAPS for the LDAP connection.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	IDENTIFICATION AND AUTHENTICATION
FGFW-ND-000255 - The FortiGate device must use FIPS 140-2 approved algorithms for authentication to a cryptographic module.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	IDENTIFICATION AND AUTHENTICATION
FGFW-ND-000260 - The FortiGate devices must use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	MAINTENANCE
FGFW-ND-000265 - The FortiGate device must implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	MAINTENANCE
FGFW-ND-000270 - The FortiGate device must terminate idle sessions after 10 minutes of inactivity.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	MAINTENANCE
FGFW-ND-000275 - The FortiGate device must terminate idle sessions after 10 minutes of inactivity.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
FGFW-ND-000280 - The FortiGate device must generate unique session identifiers using a FIPS 140-2-approved random number generator.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	SYSTEM AND COMMUNICATIONS PROTECTION
FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	SYSTEM AND INFORMATION INTEGRITY
FGFW-ND-000300 - The FortiGate device must limit the number of logon and user sessions	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	ACCESS CONTROL
FGFW-ND-000305 - The FortiGate device must only install patches or updates that are validated by the vendor via digital signature or hash.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	CONFIGURATION MANAGEMENT
FGFW-ND-000311 - The FortiGate device must require that when a password is changed, the characters are changed in at least eight of the positions within the password.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search