Item Search

NameAudit NamePluginCategory
2.2.1 Ensure Firewall Is EnabledCIS Apple macOS 13.0 Ventura v3.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.2.1 Ensure Firewall Is EnabledCIS Apple macOS 14.0 Sonoma v2.1.0 L1Unix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.4.1.5 Ensure firewalld default zone is setCIS Fedora 28 Family Linux Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.5 Ensure firewalld default zone is setCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.1.5 Ensure firewalld default zone is setCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure firewalld is either not installed or masked with nftablesCIS CentOS Linux 8 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.2 Ensure ufw is uninstalled or disabled with nftablesCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.1 Ensure iptables default deny firewall policyCIS Debian 10 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.4 Ensure iptables firewall rules exist for all open portsCIS Debian 10 Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.4 Ensure iptables firewall rules exist for all open portsCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.2.4 Ensure iptables firewall rules exist for all open portsCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.3 Ensure ip6tables firewall rules exist for all open portsCIS CentOS Linux 8 Workstation L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3.3 Ensure ip6tables firewall rules exist for all open portsCIS Fedora 28 Family Linux Server L1 v2.0.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.5 Ensure firewalld default zone is setCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.5 Ensure firewalld default zone is setCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.5.1.5 Ensure firewalld default zone is setCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.4 Ensure iptables firewall rules exist for all open portsCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.3 Ensure ip6tables firewall rules exist for all open portsCIS Amazon Linux 2 STIG v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.4 Ensure ip6tables firewall rules exist for all open portsCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.6.3.2.4 Ensure firewall rules exist for all open portsCIS Debian Family Workstation L1 v1.0.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.4 Ensure default zone is setCIS SUSE Linux Enterprise 15 v2.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.3.4 Ensure ip6tables firewall rules exist for all open portsCIS Debian Linux 11 v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.4 Ensure iptables firewall rules exist for all open portsCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.4 Ensure iptables firewall rules exist for all open portsCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.4 Ensure iptables firewall rules exist for all open portsCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.2.4 Ensure iptables firewall rules exist for all open portsCIS Debian Linux 12 v1.1.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.1 Ensure ip6tables default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.4.3.1 Ensure ip6tables default deny firewall policyCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.4 (L1) Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT

20.48 Ensure 'Permissions for the Application Event Log must prevent access by non-privileged accounts'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

20.62 Ensure 'Telnet Client is not installed' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

38.3 (L1) Ensure 'Enable Domain Network Firewall: Disable Inbound Notifications' is set to 'True'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

BIND-9X-001004 - The host running a BIND 9.X implementation must implement a set of firewall rules that restrict traffic on the DNS interface.DISA BIND 9.x STIG v2r3Unix

CONFIGURATION MANAGEMENT

CISC-ND-000570 - The Cisco switch must be configured to enforce password complexity by requiring that at least one uppercase character be used.DISA STIG Cisco IOS Switch NDM v3r2Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000580 - The Cisco router must be configured to enforce password complexity by requiring that at least one lowercase character be used.DISA Cisco IOS XE Router NDM STIG v3r4Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000580 - The Cisco switch must be configured to enforce password complexity by requiring that at least one lowercase character be used.DISA STIG Cisco IOS Switch NDM v3r2Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000590 - The Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used.DISA Cisco IOS Router NDM STIG v3r4Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000590 - The Cisco router must be configured to enforce password complexity by requiring that at least one numeric character be used.DISA Cisco IOS XE Router NDM STIG v3r4Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000590 - The Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used.DISA STIG Cisco IOS Switch NDM v3r2Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-000600 - The Cisco router must be configured to enforce password complexity by requiring that at least one special character be used.DISA Cisco IOS Router NDM STIG v3r4Cisco

IDENTIFICATION AND AUTHENTICATION

CISC-ND-001250 - The Cisco router must be configured to generate log records when administrator privileges are deleted.DISA Cisco IOS Router NDM STIG v3r4Cisco

AUDIT AND ACCOUNTABILITY

CISC-ND-001250 - The Cisco switch must be configured to generate log records when administrator privileges are deleted.DISA STIG Cisco IOS XE Switch NDM v3r2Cisco

AUDIT AND ACCOUNTABILITY

CISC-ND-001250 - The Cisco switch must be configured to generate log records when administrator privileges are deleted.DISA STIG Cisco IOS Switch NDM v3r2Cisco

AUDIT AND ACCOUNTABILITY

GEN000000-SOL00160 - If the system is a firewall, ASET must be used on the system, and the firewall parameters must be set in /usr/aset/asetenv.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

Keychain Policy - Key Policy - EndtimeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Management Access Policy - HTTPS - Cipher ConfigurationTenable Cisco ACICisco_ACI
Management Access Policy - SSH Access Via Web - Admin StateTenable Cisco ACICisco_ACI

CONFIGURATION MANAGEMENT

Password Strength Check - Password Minimum LengthTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION

Password Strength Check - Password Strength Test TypeTenable Cisco ACICisco_ACI

IDENTIFICATION AND AUTHENTICATION