Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - lsmodCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure mounting of jffs2 filesystems is disabled - modprobeCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of hfs filesystems is disabled - modprobeCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of hfs filesystems is disabled - modprobeCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobeCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmodCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure mounting of udf filesystems is disabled - modprobeCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure mounting of udf filesystems is disabled - modprobeCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmodCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobeCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.4.1 Ensure permissions on bootloader config are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.7.1.1 Ensure message of the day is configured properlyCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.3 Ensure remote login warning banner is configured properlyCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.7.1.4 Ensure permissions on /etc/motd are configuredCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

2.1 Create Separate Partition for /tmpCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.4.4 Ensure 'Send Exchange Customer Experience reports' is set to 'False'CIS Microsoft Exchange Server 2019 L2 Mailbox v1.0.0Windows

CONFIGURATION MANAGEMENT

2.5 Ensure 'Ole Automation Procedures' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.8 Ensure 'Scan for Startup Procs' Server Configuration Option is set to '0'CIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0' - 0CIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.11 Add nodev Option to Removable Media PartitionsCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.15 Ensure 'sa' Login Account has been renamedCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databasesCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2012 Database L1 AWS RDS v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

3.1.1 Ensure IP forwarding is disabled - ipv4 sysctlCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - all /etc/sysctl.conf /etc/sysctl.d/*CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.1.2 Ensure packet redirect sending is disabled - all sysctlCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.all.accept_redirects= 0CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.all.accept_redirects= 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.default.accept_redirects= 0CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - files net.ipv6.conf.default.accept_redirects= 0CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirectsCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - files net.ipv4.conf.default.rp_filter = 1CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.8 Ensure TCP SYN Cookies is enabled - files net.ipv4.tcp_syncookies = 1CIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.all.accept_ra = 0CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - files net.ipv6.conf.default.accept_ra = 0CIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

4.1.7 Ensure events that modify the system's network environment are collected - b64 sethostnameCIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/CIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/CIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.2.3 Ensure permissions on all logfiles are configuredCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.1.1 Ensure cron daemon is enabledCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.1.1 Ensure cron daemon is enabledCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.1.2 Ensure permissions on /etc/crontab are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.1.3 Ensure permissions on /etc/cron.hourly are configuredCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.2.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

5.2.2 Ensure permissions on SSH private host key files are configuredCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.2.12 Ensure SSH PermitUserEnvironment is disabledCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.5 Ensure root login is restricted to system consoleCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

6.2.5 Ensure root is the only UID 0 accountCIS Distribution Independent Linux Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT