Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2 Ensure that authorization is enabled for Cassandra databasesCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

Audit SGID executablesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Audit SUID executablesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

chrony is not installed - NTP serverTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure access to the su command is restricted - pam_wheel.soTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure access to the su command is restricted - wheel group contains rootTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure AIDE is installed - rpmTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure CUPS Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure DHCP Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure GDM login banner is configured - user-dbTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure GPG keys are configured - apt-key listTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure ICMP redirects are not accepted - sysctl ipv4 all acceptTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure NFS and RPC are not enabled - NFSTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NFS and RPC are not enabled - RPCTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure NIS Server is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/gshadow are configured - permissionsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure permissions on /etc/issue are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/issue.net are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/passwd are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure permissions on /etc/shadow- are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on /etc/ssh/sshd_config are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure permissions on all logfiles are configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure remote rsyslog messages are only accepted on designated log hosts - InputTCPServerRunTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure remote syslog-ng messages are only accepted on designated log hostsTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 all rp_filterTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND COMMUNICATIONS PROTECTION

Ensure root is the only UID 0 accountTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure rsyslog default file permissions configuredTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure rsyslog is configured to send logs to a remote log hostTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure rsyslog or syslog-ng is installedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure Samba is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure separate partition exists for /homeTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure separate partition exists for /tmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure session initiation information is collected - auditctl utmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure session initiation information is collected - utmpTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure SSH HostbasedAuthentication is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Ensure SSH X11 forwarding is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure sticky bit is set on all world-writable directoriesTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure system administrator actions (sudolog) are collectedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure system administrator actions (sudolog) are collected - auditctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure telnet client is not installed - dpkgTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure TIPC is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Ensure unsuccessful unauthorized file access attempts are collected - auditctl b64 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure unsuccessful unauthorized file access attempts are collected - b32 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERMTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure updates, patches, and additional security software are installed - apt-getTenable Cisco Firepower Management Center OS Best Practices AuditUnix

SYSTEM AND INFORMATION INTEGRITY

Ensure use of privileged commands is collectedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure xinetd is not enabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

CONFIGURATION MANAGEMENT

Lockout for failed password attempts - 'auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

NTP is not installed - restrict -4Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

NTP is not installed - restrict -6Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY