Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure a separate user and group exist for Cassandra - group	CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0	Unix	ACCESS CONTROL
1.1 Ensure a separate user and group exist for Cassandra - passwd	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
1.1 Ensure a separate user and group exist for Cassandra - passwd	CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0	Unix	ACCESS CONTROL
1.4.3 Ensure authentication required for single user mode - rescue.service	CIS CentOS 6 Server L1 v3.0.0	Unix	CONFIGURATION MANAGEMENT
1.5 Ensure the Cassandra service is run as a non-root user	CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
2.2.7 Ensure 'Back up files and directories' is set to 'Administrators'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.9 Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE, Users'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.11 Ensure 'Create a token object' is set to 'No One'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.14 Configure 'Create symbolic links'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.3.1.1 Ensure 'Accounts: Administrator account status' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.3.1.4 Configure 'Accounts: Rename administrator account'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
3.2.1.11 Ensure 'Allow Erase All Content and Settings' is set to 'Disabled'	MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.13 Ensure 'Allow installing configuration profiles' is set to 'Disabled'	MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1	MDM	CONFIGURATION MANAGEMENT
3.2.1.15 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'	MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L2	MDM	CONFIGURATION MANAGEMENT
3.2.1.16 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled'	AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L2	MDM	CONFIGURATION MANAGEMENT
3.4 Ensure Apache Directories and Files Are Owned By Root	CIS Apache HTTP Server 2.2 L1 v3.6.0	Unix	ACCESS CONTROL
4.1.13 Ensure use of privileged commands is collected	CIS Distribution Independent Linux Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.13 Ensure use of privileged commands is collected	CIS Distribution Independent Linux Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure system administrator actions (sudolog) are collected - auditctl	CIS Amazon Linux v2.1.0 L2	Unix	AUDIT AND ACCOUNTABILITY
4.2.1.4 Ensure rsyslog default file permissions configured	CIS CentOS 6 Server L1 v3.0.0	Unix	AUDIT AND ACCOUNTABILITY
4.2.3 Ensure permissions on all logfiles are configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.3 Ensure permissions on /etc/cron.hourly are configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.7 Ensure permissions on /etc/cron.d are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.2 Ensure permissions on SSH private host key files are configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.3 Ensure permissions on SSH public host key files are configured	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.20 Ensure SSH PAM is enabled	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.2.22 Ensure SSH MaxStartups is configured	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.6 Ensure access to the su command is restricted - wheel group contains root	CIS Distribution Independent Linux Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.7 Ensure access to the su command is restricted - pam_wheel.so	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.1.13 Audit SUID executables	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.1.13 Audit SUID executables	CIS Distribution Independent Linux Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.14 Audit SGID executables	CIS CentOS 6 Server L1 v3.0.0	Unix	ACCESS CONTROL
6.2.6 Ensure root is the only UID 0 account	CIS CentOS 6 Workstation L1 v3.0.0	Unix	ACCESS CONTROL
6.2.10 Ensure root is the only UID 0 account	CIS Debian Family Server L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Act as part of the operating system	MSCT Windows Server v20H2 MS v1.0.0	Windows	ACCESS CONTROL
Back up files and directories	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Create a pagefile	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Create a token object	MSCT Windows Server v20H2 DC v1.0.0	Windows	ACCESS CONTROL
Enable computer and user accounts to be trusted for delegation	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Force shutdown from a remote system	MSCT Windows Server v20H2 MS v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows Server v20H2 DC v1.0.0	Windows	ACCESS CONTROL
Load and unload device drivers	MSCT Windows Server v20H2 MS v1.0.0	Windows	ACCESS CONTROL
Manage auditing and security log	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Manage auditing and security log	MSCT Windows Server v20H2 DC v1.0.0	Windows	ACCESS CONTROL
Modify firmware environment values	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL
Modify firmware environment values	MSCT Windows Server v20H2 MS v1.0.0	Windows	ACCESS CONTROL
Perform volume maintenance tasks	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Restore files and directories	MSCT Windows Server 2019 MS v1.0.0	Windows	ACCESS CONTROL
Take ownership of files or other objects	MSCT Windows Server 2016 MS v1.0.0	Windows	ACCESS CONTROL

Detections

Analytics

Item Search