Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

chrony is not installed - UserTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3'Tenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure 'console session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

ACCESS CONTROL

Ensure 'EIGRP authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Failover' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'HTTP session timeout' is less than or equal to '5' minutesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'Image Authenticity' is correctTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure 'logging buffered severity ' is greater than or equal to '3'Tenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging to Serial console' is disabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'logging with timestamps' is enabledTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'noproxyarp' is enabled for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'RIP authentication' is enabledTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - authenticationTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkdownTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'SNMP traps' is enabled - linkupTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure 'syslog hosts' is configured correctlyTenable Cisco Firepower Best Practices AuditCisco

AUDIT AND ACCOUNTABILITY

Ensure 'TLS 1.0' is set for HTTPS accessTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure DHCP services are disabled for untrusted interfaces - dhcpdTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DHCP services are disabled for untrusted interfaces - dhcprelayTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure DNS services are configured correctly - name-serverTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure email logging is configured for critical to emergencyTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure ICMP is restricted for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure non-default application inspection is configured correctlyTenable Cisco Firepower Best Practices AuditCisco

SYSTEM AND INFORMATION INTEGRITY

Ensure packet fragments are restricted for untrusted interfacesTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/hosts.deny are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/shadow are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure prelink is disabled - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure remote rsyslog messages are only accepted on designated log hosts - ModLoadTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure rsh client is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure secure ICMP redirects are not accepted - /etc/sysctl ipv4 default secureTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure separate partition exists for /var/logTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Ensure separate partition exists for /var/log/auditTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

Ensure session initiation information is collected - auditctl wtmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure successful file system mounts are collected - auditctl b32Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure successful file system mounts are collected - b64Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure suspicious packets are logged - sysctl ipv4 default log_martiansTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure syslog-ng is configured to send logs to a remote log host - log srcTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure system is disabled when audit logs are full - 'action_mail_acct = root'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure talk client is not installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure the audit configuration is immutableTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure time synchronization is in useTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure timezone is properly configuredTenable Cisco Firepower Best Practices AuditCisco

CONFIGURATION MANAGEMENT

Ensure unsuccessful unauthorized file access attempts are collected - auditctl b32 EACCESTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure users' home directories permissions are 750 or more restrictiveTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

EX19-ED-000159 - Exchange must limit the Receive connector timeout.DISA Microsoft Exchange 2019 Edge Server STIG v2r2Windows

ACCESS CONTROL

MD7X-00-000400 MongoDB must provide audit record generation for DOD-defined auditable events within all DBMS/database components.DISA MongoDB Enterprise Advanced 7.x STIG v1r1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

MD7X-00-004400 MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA MongoDB Enterprise Advanced 7.x STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY