Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Keep ESXi system properly patchedCIS VMware ESXi 5.1 v1.0.1 Level 1VMware
1.1 Place Databases on Non-System PartitionsCIS MariaDB 10.6 on Linux L1 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

1.1.3 (L1) Ensure that between two and four global admins are designatedCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

ACCESS CONTROL

2.2.25 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

2.2.28 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.28 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3 Disable Managed Object Browser (MOB)CIS VMware ESXi 5.1 v1.0.1 Level 1VMware
2.6 Ensure proper SNMP configuration- 'community name public does not exist'CIS VMware ESXi 5.1 v1.0.1 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

2.7 Prevent unintended use of dvfilter network APIsCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

ACCESS CONTROL

2.8 When adding ESXi hosts to Active Directory use the vSphere Authentication Proxy to protect passwordsCIS VMware ESXi 5.1 v1.0.1 Level 1VMware
2.21 (L1) Ensure 'Allow reporting of domain reliability related data' Is DisabledCIS Google Chrome L1 v3.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.3 Configure persistent logging for all ESXi hostCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

AUDIT AND ACCOUNTABILITY

3.5 Ensure Relational Database Service is Multi-AZ EnabledCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

SYSTEM AND INFORMATION INTEGRITY

3.9 Ensure 'audit_log_file' Has Appropriate PermissionsCIS MySQL 5.7 Enterprise Database L1 v2.0.0MySQLDB

ACCESS CONTROL, MEDIA PROTECTION

4.1 Create a non-root user account for local admin accessCIS VMware ESXi 5.1 v1.0.1 Level 1VMware
4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.1 Disable DCUI to prevent local administrative controlCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

5.1 Ensure that system activity is auditedCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 4 L1 OS Windows v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

AUDIT AND ACCOUNTABILITY

5.1 Ensure that system activity is auditedCIS MongoDB 5 L1 OS Linux v1.2.0Unix

AUDIT AND ACCOUNTABILITY

5.1 Set Sticky Bit on World Writable DirectoriesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

5.2 Disable ESXi Shell unless needed for diagnostics or troubleshootingCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

CONFIGURATION MANAGEMENT

5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative UsersCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 DatabaseMySQLDB

ACCESS CONTROL

5.6 Set a timeout to automatically terminate idle ESXi Shell and SSH sessionsCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

ACCESS CONTROL

6.1 Enable bidirectional CHAP authentication for iSCSI trafficCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

IDENTIFICATION AND AUTHENTICATION

7.1 Ensure default_authentication_plugin is Set to a Secure OptionCIS Oracle MySQL Community Server 8.4 v1.0.0 L1 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure default_authentication_plugin is Set to a Secure OptionCIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 DatabaseMySQLDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1.2 Ensure that the MAC Address Change policy is set to rejectCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.1.4 Ensure that there are no unused ports on a distributed virtual port groupCIS VMware ESXi 5.1 v1.0.1 Level 1VMware
7.2.1 Ensure that port groups are not configured to the value of the native VLANCIS VMware ESXi 5.1 v1.0.1 Level 1VMware
7.3.2 Ensure that the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

8.3.4 Use templates to deploy VMs whenever possibleCIS VMware ESXi 5.1 v1.0.1 Level 1VMware
8.4.4 Control VMsafe Agent ConfigurationCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SYSTEM AND INFORMATION INTEGRITY

8.4.12 Disable Drag and Drop Version GetCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.13 Disable Drag and Drop Version SetCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.20 Disable GetCredsCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.21 Disable Host Guest File System ServerCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.24 Disable VM Monitor ControlCIS VMware ESXi 5.1 v1.0.1 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.26 Disable VM Console Drag and Drop operationsCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

CONFIGURATION MANAGEMENT

8.5.1 Prevent virtual machines from taking over resources - Mem Share LevelCIS VMware ESXi 5.1 v1.0.1 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

CIS VMware ESXi 5.5 v1.2.0 Level 1CIS VMware ESXi 5.5 v1.2.0 Level 1VMware
CISC-RT-000680 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN.DISA Cisco IOS XE Router RTR STIG v3r3Cisco

CONFIGURATION MANAGEMENT

MYS8-00-006500 - The MySQL Database Server 8.0 must isolate security functions from non-security functions.DISA Oracle MySQL 8.0 v2r2 DBMySQLDB

SYSTEM AND COMMUNICATIONS PROTECTION