Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 Ensure /tmp is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.4 Ensure nodev option set on /tmp partitionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.9 Ensure nosuid option set on /dev/shm partitionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.18 Ensure /home partition includes the nodev optionCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION

1.2.1 Ensure GPG keys are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.2.2 Ensure package manager repositories are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.6.1.6 Ensure no unconfined services existCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.7.4 Ensure remote login warning banner is configured properlyCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.7.5 Ensure permissions on /etc/motd are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2.6 Ensure LDAP server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.8 Ensure FTP Server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.9 Ensure HTTP server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.14 Ensure NIS server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.18 Ensure rpcbind is not installed or the rpcbind services are maskedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.29 Configure 'Log on as a service'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

3.2.2 Ensure packet redirect sending is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.3.8 Ensure Reverse Path Filtering is enabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1.1 Ensure firewalld is installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.4 Ensure iptables are flushed with nftablesCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.1.1 Ensure iptables packages are installedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.1 Ensure iptables loopback traffic is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.5 Ensure iptables rules are savedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.6 Ensure iptables is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1.2 Ensure rsyslog Service is enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.5 Ensure rsyslog is configured to send logs to a remote log hostCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.CIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.2.1 Ensure journald is configured to send logs to rsyslogCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure journald is configured to compress large log filesCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure cron is restricted to authorized usersCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.3 Ensure sudo log file existsCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.3.9 Ensure SSH MaxAuthTries is set to 4 or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.3.12 Ensure SSH root login is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.3.15 Ensure only strong Ciphers are usedCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.24 Ensure SSH MaxStartups is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.3 Ensure password hashing algorithm is SHA-512CIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.5.1.1 Ensure password expiration is 365 days or lessCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.2 Ensure minimum days between password changes is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.3 Ensure password expiration warning days is 7 or moreCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.5 Ensure all users last password change date is in the pastCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.13 Ensure 'Peer Networking Identity Manager (p2pimsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

5.16 Ensure 'Remote Access Auto Connection Manager (RasAuto)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

5.32 Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

6.1.2 Ensure permissions on /etc/passwd are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

18.9.11.3.3 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.5 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.6 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.7 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.77.3.1 Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL