Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of udf filesystems is disabled - lsmod	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of FAT filesystems is limited - lsmod fat	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of FAT filesystems is limited - lsmod fat	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of FAT filesystems is limited - lsmod vfat	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of FAT filesystems is limited - modprobe fat	CIS Fedora 19 Family Linux Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.2.13 Ensure that the admission control plugin NamespaceLifecycle is set	CIS Kubernetes v1.12.0 L2 Master Node	Unix	CONFIGURATION MANAGEMENT
1.2.14 Ensure that the admission control plugin NamespaceLifecycle is set	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	CONFIGURATION MANAGEMENT
1.2.22 Ensure that the --request-timeout argument is set as appropriate	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	CONFIGURATION MANAGEMENT
1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriate	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master	Unix	SYSTEM AND INFORMATION INTEGRITY
1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriate	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master	Unix	SYSTEM AND INFORMATION INTEGRITY
1.5.3 Ensure authentication required for single user mode - /usr/lib/systemd/system/rescue.service	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.1.3 Ensure remote login warning banner is configured properly	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.3 Ensure last logged in user display is disabled - file-db	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.3 Ensure last logged in user display is disabled - system-db:gdm	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.10 Ensure GDM is removed or login is configured - gdm user-db	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - 'net.ipv4.conf.all.accept_source_route = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - 'net.ipv6.conf.default.accept_source_route = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_route	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.all.secure_redirects = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.5 Ensure broadcast ICMP requests are ignored - 'net.ipv4.icmp_echo_ignore_broadcasts = 0'	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.6 Ensure bogus ICMP responses are ignored - sysctl net.ipv4.icmp_ignore_bogus_error_responses	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.8 Ensure TCP SYN Cookies is enabled - net.ipv4.tcp_syncookies = 1	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - net.ipv6.conf.default.accept_ra = 0	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.9 Ensure IPv6 router advertisements are not accepted - sysctl net.ipv6.conf.all.accept_ra	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmod	CIS Oracle Linux 6 Workstation L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl modprobe	CIS Fedora 19 Family Linux Workstation L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - rules.d modules	CIS Oracle Linux 6 Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
4.2.3 Ensure permissions on all logfiles are configured	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.1 Ensure cron daemon is enabled and running - status	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.1.21 Ensure SSH MaxStartups is configured	CIS Google Container-Optimized OS v1.2.0 L2 Server	Unix	CONFIGURATION MANAGEMENT
5.2.17 Ensure SSH LoginGraceTime is set to one minute or less	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.23 Ensure SSH MaxSessions is limited - sshd	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.3.23 Ensure SSH MaxSessions is limited - sshd_config	CIS Oracle Linux 6 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
5.6 Ensure access to the su command is restricted - pam_wheel.so	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
5.6 Ensure access to the su command is restricted - wheel	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.5 Ensure all users' home directories exist	CIS Fedora 19 Family Linux Workstation L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.2.20 Ensure shadow group is empty	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.5.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL	Windows	CONFIGURATION MANAGEMENT
18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.6.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'	CIS Microsoft Windows Server 2019 v4.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL	Windows	CONFIGURATION MANAGEMENT
18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NG	Windows	CONFIGURATION MANAGEMENT
18.9.11.1.14 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
18.9.95.2 Ensure 'Turn on PowerShell Transcription' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search