Item Search

NameAudit NamePluginCategory
1.1.4.1 Ensure separate partition exists for /var/tmpCIS AlmaLinux OS 9 Server L2 v1.0.0Unix
1.1.5.2 Ensure nodev option set on /var/log partitionCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
1.1.5.3 Ensure noexec option set on /var/log partitionCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
1.1.6.4 Ensure nosuid option set on /var/log/audit partitionCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
1.1.7.2 Ensure nodev option set on /home partitionCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
1.1.15 Ensure that the scheduler.conf file permissions are set to 600 or more restrictiveCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:rootCIS Kubernetes Benchmark v1.7.1 L1 MasterUnix
1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:rootCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
1.1.21 Ensure that the Kubernetes PKI key file permissions are set to 600CIS Kubernetes Benchmark v1.7.1 L1 MasterUnix
1.2.8 Ensure that the --authorization-mode argument includes RBACCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
1.2.11 Ensure that the admission control plugin AlwaysPullImages is setCIS Kubernetes Benchmark v1.7.1 L1 MasterUnix
1.2.13 Ensure that the admission control plugin ServiceAccount is setCIS Kubernetes Benchmark v1.8.0 L2 MasterUnix
1.6.1.5 Ensure the SELinux mode is enforcingCIS AlmaLinux OS 9 Server L2 v1.0.0Unix
1.7.4 Ensure permissions on /etc/motd are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
1.7.6 Ensure permissions on /etc/issue.net are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
1.11 Ensure That Separation of Duties Is Enforced While Assigning KMS Related Roles to Users - Encrypter/DecrypterCIS Google Cloud Platform v2.0.0 L2GCP
2.2.48 Ensure 'Take ownership of files or other objects' is set to 'Administrators'CIS Microsoft Windows Server 2016 DC L1 v1.4.0Windows
2.2.48 Ensure 'Take ownership of files or other objects' is set to 'Administrators'CIS Microsoft Windows Server 2019 DC L1 v1.3.0Windows
2.2.48 Ensure 'Take ownership of files or other objects' is set to 'Administrators'CIS Windows Server 2012 R2 DC L1 v2.6.0Windows
2.3.10.12 Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'CIS Microsoft Windows Server 2019 DC L1 v1.3.0Windows
2.5 Ensure that the --peer-client-cert-auth argument is set to trueCIS Kubernetes Benchmark v1.7.1 L1 MasterUnix
4.1.1 Ensure that the kubelet service file permissions are set to 600 or more restrictiveCIS Kubernetes Benchmark v1.8.0 L1 MasterUnix
4.1.4.1 Ensure audit log files are mode 0640 or less permissiveCIS AlmaLinux OS 9 Workstation L2 v1.0.0Unix
4.1.4.7 Ensure audit configuration files belong to group rootCIS AlmaLinux OS 9 Workstation L2 v1.0.0Unix
4.1.4.10 Ensure audit tools belong to group rootCIS AlmaLinux OS 9 Workstation L2 v1.0.0Unix
4.1.9 If the kubelet config.yaml configuration file is being used validate permissions set to 600 or more restrictiveCIS Kubernetes Benchmark v1.8.0 L1 WorkerUnix
4.2.7 Restrict Access to SYSCAT.CONTEXTATTRIBUTESCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.12 Restrict Access to SYSCAT.EVENTSCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.21 Restrict Access to SYSCAT.ROLESCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.22 Restrict Access to SYSCAT.ROUTINEAUTHCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.25 Restrict Access to SYSCAT.SECURITYLABELCOMPONENTELEMENTSCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.27 Restrict Access to SYSCAT.SECURITYLABELSCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.33 Restrict Access to SYSCAT.SCHEMATACIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.37 Restrict Access to SYSCAT.SURROGATEAUTHIDSCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.39 Restrict Access to SYSCAT.TBSPACEAUTHCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.2.44 Restrict Access to SYSCAT.WRAPOPTIONSCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.3.11 Restrict Access to SYSIBM.SYSDBAUTHCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
4.3.29 Restrict Access to SYSIBM.SYSSECURITYLABELCOMPONENTSCIS IBM DB2 11 v1.0.0 Database Level 1IBM_DB2DB
5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.1.7 Ensure permissions on /etc/cron.d are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.1.9 Ensure at is restricted to authorized usersCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.2.2 Ensure permissions on SSH private host key files are configuredCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
5.6.3 Ensure Master Authorized Networks is EnabledCIS Google Kubernetes Engine (GKE) v1.4.0 L1GCP
6.2.11 Ensure local interactive users own their home directoriesCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
6.2.15 Ensure no local interactive user has .rhosts filesCIS AlmaLinux OS 9 Workstation L1 v1.0.0Unix
18.9.4.1 Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'CIS Microsoft Windows Server 2019 DC L2 v1.2.0Windows
19.7.28.1 Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled' - EnabledCIS Windows Server 2012 DC L1 v2.4.0Windows