Item Search

NameAudit NamePluginCategory
1.2.1 Configure Global Authorization Rule to Restrict Access - add roles='administrators'CIS IIS 7.0 L1 v1.7.1Windows

ACCESS CONTROL

1.2.1 Configure Global Authorization Rule to Restrict Access - remove users='*'CIS IIS 7.5 L1 v1.7.1Windows

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS SUSE Linux Enterprise 15 Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcingCIS SUSE Linux Enterprise Workstation 11 L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcing - 'Current mode'CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.2 Ensure the SELinux state is enforcing - 'SELINUX'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.3 Ensure SELinux policy is configuredCIS SUSE Linux Enterprise Workstation 11 L2 v2.0.0Unix

ACCESS CONTROL

1.6.1.3 Ensure SELinux policy is configured - 'Policy from config file'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.6.2.2 Ensure all AppArmor Profiles are enforcing - 'profiles loaded'CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0Unix

ACCESS CONTROL

1.6.2.2 Ensure all AppArmor Profiles are enforcing - complain modeCIS SUSE Linux Enterprise Workstation 11 L2 v2.0.0Unix

ACCESS CONTROL

2.2 Give the BIND User Account an Invalid ShellCIS BIND DNS v3.0.0 Authoritative Name ServerUnix

ACCESS CONTROL

2.2.25 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

2.2.28 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MSWindows

ACCESS CONTROL

3.1.10 Authenticate federated users at the instance levelCIS IBM DB2 v10 v1.1.0 Windows OS Level 1Windows

ACCESS CONTROL

3.1.10 Authenticate federated users at the instance levelCIS IBM DB2 v10 v1.1.0 Linux OS Level 2Unix

ACCESS CONTROL

4.2 Ensure excessive administrative privileges are revokedCIS PostgreSQL 9.6 OS v1.0.0Unix

ACCESS CONTROL

4.5.1.9 CDE - /etc/dt/config/Xconfig permissions and ownershipCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

4.5.1.10 CDE - /etc/dt/config/Xservers permissions and ownershipCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

4.5.4.6 /var/spool/mqueue - access controlCIS IBM AIX 7.2 L1 v1.1.0Unix

ACCESS CONTROL

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.10 Yosemite L1 v1.1.0Unix

ACCESS CONTROL

5.3 Reduce the sudo timeout periodCIS Apple OSX 10.11 El Capitan L1 v1.0.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc'CIS Ubuntu Linux 14.04 LTS Server L1 v2.0.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/login.defs'CIS Ubuntu Linux 14.04 LTS Server L1 v2.0.0Unix

ACCESS CONTROL

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bash.bashrc.localCIS SUSE Linux Enterprise Workstation 11 L1 v2.0.0Unix

ACCESS CONTROL

6.1.3 Disable guest account loginCIS Apple OSX 10.9 L1 v1.3.0Unix

ACCESS CONTROL

6.1.3 Disable guest account loginCIS Apple macOS 10.13 L1 v1.0.0Unix

ACCESS CONTROL

6.1.3 Disable guest account loginCIS Apple OSX 10.11 El Capitan L1 v1.0.0Unix

ACCESS CONTROL

7.6 Set Default umask for Users, Check if 'UMASK' is set to 077.CIS Solaris 10 v5.2Unix

ACCESS CONTROL

8.1 Block system accounts, Ensure account 'bin' is locked.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block System Accounts, should pass if the default shell for 'bin' is set to /dev/null.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

8.1 Block System Accounts, should pass if the default shell for 'listen' is set to /dev/null.CIS Solaris 9 v1.3Unix

ACCESS CONTROL

10.18 Setting Security Lifecycle Listener (check for umask uncommented in startup)CIS Apache Tomcat 8 L1 v1.0.1Unix

ACCESS CONTROL

20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

Connection settings - 'pg_hba.conf no host entries for 'all' users'TNS PostgreSQL 9.1 Best Practices Windows OSWindows

ACCESS CONTROL

Connection settings - 'pg_hba.conf review entries using 'trust' method'TNS PostgreSQL 9.1 Best Practices Windows OSWindows

ACCESS CONTROL

Connections - Host Based Authentication - no unconditional connectTNS PostgreSQL 9.6 Best Practices Windows OSWindows

ACCESS CONTROL

Ensure Session Security Integration is EnabledTNS IBM WebSphere Application Server 9 Linux Best PracticesUnix

ACCESS CONTROL

IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE or *USE or *EXCLUDE'IBM iSeries Security Reference v5r4AS/400

ACCESS CONTROL

IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE'IBM System i Security Reference for V7R2AS/400

ACCESS CONTROL

Logon options - Internet ZoneMSCT Windows Server 1903 MS v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows 10 1809 v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows 10 v1903 v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Network access: Allow anonymous SID/Name translationMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

VM : verify-network-filterVMWare vSphere 6.0 Hardening GuideVMware

ACCESS CONTROL

VM: verify-network-filterTNS VMWare vSphere Best PracticesVMware

ACCESS CONTROL