Item Search

NameAudit NamePluginCategory
1.1 Remove extraneous files and directories - /webapps/host-managerCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

1.3 Enable app update installsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

1.4 Enable system data files and security update installs - 'ConfigDataInstall'CIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devicesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.1.3 Show Bluetooth status in menu barCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.2.1 Enable 'Set time and date automatically'CIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

2.3 Alter the Advertised server.built DateCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded cluster - CAFileCIS MongoDB 5 L2 OS Linux v1.2.0Unix

CONFIGURATION MANAGEMENT

2.3.2 Secure screen saver corners - top left cornerCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

ACCESS CONTROL

2.4.1 Disable Remote Apple EventsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.3 Disable Screen SharingCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4.8 Disable File Sharing - SMBCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.5 Disable client facing Stack Traces - check for defined exception typeCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.6 Turn off TRACECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.6.5 Review Application Firewall RulesCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Disable the Shutdown portCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure that MongoDB is run using a non-privileged, dedicated service accountCIS MongoDB 5 L1 OS Linux v1.2.0Unix

ACCESS CONTROL

4.1 Restrict access to $CATALINA_HOMECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2 Restrict access to $CATALINA_BASECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.6 Restrict access to Tomcat binaries directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.13 Restrict access to Tomcat tomcat-users.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

5.2.7 Password AgeCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.5 Ensure login keychain is locked when the computer sleepsCIS Apple OSX 10.10 Yosemite L2 v1.2.0Unix

IDENTIFICATION AND AUTHENTICATION

5.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NGWindows

CONFIGURATION MANAGEMENT

5.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

5.42 (L2) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

6.1.5 Remove Guest home folderCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

ACCESS CONTROL

6.2 Turn on filename extensionsCIS Apple OSX 10.10 Yosemite L1 v1.2.0Unix

CONFIGURATION MANAGEMENT

6.4 Ensure secure is set to true only for SSL-enabled Connectors - verify secure is set to trueCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

10.5 Rename the manager application - host-manager/manager.xmlCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.6 Enable strict servlet ComplianceCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

10.7 Turn off session facade recyclingCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASHCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.14 Do not allow cross context requestsCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

10.15 Do not resolve hosts on logging valvesCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.94.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows Server 2025 v2.0.0 L1 DCWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.94.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

19.1.3.2 Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

ACCESS CONTROL