Item Search

Name	Audit Name	Plugin	Category
1.1.4 Set 'login authentication for 'line con 0'	CIS Cisco IOS 12 L1 v4.0.0	Cisco	IDENTIFICATION AND AUTHENTICATION
1.3.2 Set the 'banner-text' for 'banner login'	CIS Cisco IOS 12 L1 v4.0.0	Cisco	ACCESS CONTROL
1.4.1.3 Ensure known default accounts do not exist	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	IDENTIFICATION AND AUTHENTICATION
3.3.1.4 Set 'address-family ipv4 autonomous-system'	CIS Cisco IOS XE 16.x v2.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
3.3.1.4 Set 'address-family ipv4 autonomous-system'	CIS Cisco IOS XE 17.x v2.2.1 L2	Cisco	ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
5.22 Ensure 'Routing and Remote Access (RemoteAccess)' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
7.5 (L1) Ensure port groups are not configured to VLAN values reserved by upstream physical switches	CIS VMware ESXi 7.0 v1.5.0 L1	VMware	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.4.3 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.5 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT, RISK ASSESSMENT
18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.5.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v4.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v2.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.5.5 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS auth mode	DISA STIG Arista MLS DCS-7000 Series RTR v1r4	Arista	ACCESS CONTROL, CONFIGURATION MANAGEMENT
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS md5 key	DISA STIG Arista MLS DCS-7000 Series RTR v1r4	Arista	ACCESS CONTROL, CONFIGURATION MANAGEMENT
AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - OSPF message-digest	DISA STIG Arista MLS DCS-7000 Series RTR v1r4	Arista	ACCESS CONTROL, CONFIGURATION MANAGEMENT
ARST-RT-000430 - The out-of-band management (OOBM) Arista gateway router must be configured to block any traffic destined to itself that is not sourced from the OOBM network or the NOC.	DISA STIG Arista MLS EOS 4.2x Router v2r1	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
ARST-RT-000430 - The out-of-band management (OOBM) Arista gateway router must be configured to block any traffic destined to itself that is not sourced from the OOBM network or the NOC.	DISA Arista MLS EOS 4.X Router STIG v2r2	Arista	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-ND-000580 - The Cisco switch must be configured to enforce password complexity by requiring that at least one lowercase character be used.	DISA Cisco IOS Switch NDM STIG v3r7	Cisco	IDENTIFICATION AND AUTHENTICATION
CISC-ND-000600 - The Cisco switch must be configured to enforce password complexity by requiring that at least one special character be used.	DISA Cisco IOS Switch NDM STIG v3r7	Cisco	IDENTIFICATION AND AUTHENTICATION
CISC-ND-000600 - The Cisco switch must be configured to enforce password complexity by requiring that at least one special character be used.	DISA Cisco IOS XE Switch NDM STIG v3r6	Cisco	IDENTIFICATION AND AUTHENTICATION
CISC-ND-001000 - The Cisco switch must be configured to generate an alert for all audit failure events.	DISA Cisco IOS Switch NDM STIG v3r7	Cisco	AUDIT AND ACCOUNTABILITY
Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all accept	Tenable Cisco Firepower Management Center OS Best Practices Audit	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
GEN003600 - The system must not forward IPv4 source-routed packets.	DISA STIG Solaris 10 SPARC v2r4	Unix	CONFIGURATION MANAGEMENT
GEN003600 - The system must not forward IPv4 source-routed packets.	DISA STIG Solaris 10 X86 v2r4	Unix	CONFIGURATION MANAGEMENT
GEN005900-ESXI5-00891 - The nosuid option must be enabled on all NFS client mounts.	DISA VMWare ESXi 5.0 Server STIG v2r1	VMware	CONFIGURATION MANAGEMENT
GEN007920 - The system must not forward IPv6 source-routed packets - 'net.ipv6.conf.default.forwarding'	DISA STIG for Oracle Linux 5 v2r1	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT
GEN007920 - The system must not forward IPv6 source-routed packets - 'net.ipv6.conf.default.forwarding'	DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit	Unix	ACCESS CONTROL
GEN007920 - The system must not forward IPv6 source-routed packets - ip6_forward_src_routed	DISA STIG Solaris 10 X86 v2r4	Unix	CONFIGURATION MANAGEMENT
Keychain Policy - Key Policy - Endtime	Tenable Cisco ACI	Cisco_ACI	IDENTIFICATION AND AUTHENTICATION
Management Access Policy - SSH Access Via Web - Admin State	Tenable Cisco ACI	Cisco_ACI	CONFIGURATION MANAGEMENT
Management Access Policy - Telnet - Admin State	Tenable Cisco ACI	Cisco_ACI	CONFIGURATION MANAGEMENT
MS.AAD.7.3v1 - Privileged users SHALL be provisioned cloud-only accounts separate from an on-premises directory or other federated identity providers.	CISA SCuBA Microsoft 365 Entra ID v1.5.0	microsoft_azure	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION
O19C-00-015300 - Oracle Database must map the authenticated identity to the user account using public key infrastructure (PKI)-based authentication.	DISA Oracle Database 19c STIG v1r3 OracleDB	OracleDB	IDENTIFICATION AND AUTHENTICATION
OL6-00-000349 - The system must be configured to require the use of a CAC, PIV compliant hardware token, or Alternate Logon Token (ALT) for authentication.	DISA STIG Oracle Linux 6 v2r7	Unix	IDENTIFICATION AND AUTHENTICATION
OL07-00-040610 - The Oracle Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets.	DISA Oracle Linux 7 STIG v3r5	Unix	CONFIGURATION MANAGEMENT
OL07-00-040620 - The Oracle Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.	DISA Oracle Linux 7 STIG v3r5	Unix	CONFIGURATION MANAGEMENT
OL08-00-040262 - OL 8 must not accept router advertisements on all IPv6 interfaces by default.	DISA Oracle Linux 8 STIG v2r8	Unix	CONFIGURATION MANAGEMENT
OL09-00-006044 - OL 9 must not accept router advertisements on all IPv6 interfaces by default.	DISA Oracle Linux 9 STIG v1r5	Unix	CONFIGURATION MANAGEMENT
Review the list of all Domains created since the last scan	Tenable Best Practices RackSpace v2.0.0	Rackspace	CONFIGURATION MANAGEMENT
Review the list of all Domains updated since the last scan	Tenable Best Practices RackSpace v2.0.0	Rackspace	CONFIGURATION MANAGEMENT
RHEL-07-040610 - The Red Hat Enterprise Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets.	DISA Red Hat Enterprise Linux 7 STIG v3r15	Unix	CONFIGURATION MANAGEMENT
SLEM-05-254010 - SLEM 5 must not forward Internet Protocol version 6 (IPv6) source-routed packets.	DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4	Unix	CONFIGURATION MANAGEMENT
SLEM-05-254015 - SLEM 5 must not forward Internet Protocol version 6 (IPv6) source-routed packets by default.	DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4	Unix	CONFIGURATION MANAGEMENT
SLES-12-030360 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets.	DISA SLES 12 STIG v3r4	Unix	CONFIGURATION MANAGEMENT
SLES-12-030361 - The SUSE operating system must not forward Internet Protocol version 6 (IPv6) source-routed packets.	DISA SLES 12 STIG v3r4	Unix	CONFIGURATION MANAGEMENT
SLES-12-030362 - The SUSE operating system must not forward Internet Protocol version 6 (IPv6) source-routed packets by default.	DISA SLES 12 STIG v3r4	Unix	CONFIGURATION MANAGEMENT
SLES-12-030370 - The SUSE operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.	DISA SLES 12 STIG v3r4	Unix	CONFIGURATION MANAGEMENT
SLES-15-040310 - The SUSE operating system must not forward Internet Protocol version 6 (IPv6) source-routed packets.	DISA SUSE Linux Enterprise Server 15 STIG v2r6	Unix	CONFIGURATION MANAGEMENT
UBTU-16-030530 - The Ubuntu operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets.	DISA STIG Ubuntu 16.04 LTS v2r3	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search