1.4.2.7 Disable 'Allow guest to log into this computer' | CIS Apple OSX 10.6 Snow Leopard L1 v1.0.0 | Unix | ACCESS CONTROL |
1.6.1.2 Ensure the SELinux state is enforcing | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.2 Ensure the SELinux state is enforcing | CIS SUSE Linux Enterprise Server 11 L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.2 Ensure the SELinux state is enforcing - 'SELinux status' | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | Huawei EulerOS 2 Server L2 v1.0 | Unix | ACCESS CONTROL |
1.6.1.3 Ensure SELinux policy is configured | Huawei EulerOS 2 Workstation L2 v1.0 | Unix | ACCESS CONTROL |
1.6.1.4 Ensure no unconfined daemons exist | CIS Ubuntu Linux 14.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL |
1.6.2.2 Ensure all AppArmor Profiles are enforcing - profiles loaded | CIS SUSE Linux Enterprise Server 11 L2 v2.0.0 | Unix | ACCESS CONTROL |
2.2 Give the BIND User Account an Invalid Shell | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | ACCESS CONTROL |
2.2.24 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
2.3.18.1 Ensure 'Allow users with earlier versions of Office to read with browsers...' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | ACCESS CONTROL |
2.4.2.7 Disable 'Allow guest to log into this computer' | CIS Apple OSX 10.5 Leopard L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1.10 Authenticate federated users at the instance level | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
3.1.11 Authenticate federated users at the instance level | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | ACCESS CONTROL |
4.2.8 Ensure 'Block Window Management permission on these sites' Is Configured | CIS Google Chrome L2 v3.0.0 | Windows | ACCESS CONTROL |
5.1 Use secure Realms | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | ACCESS CONTROL |
5.1 Use secure Realms | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/bash.bashrc.local | CIS SUSE Linux Enterprise Server 11 L1 v2.0.0 | Unix | ACCESS CONTROL |
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile.local | CIS SUSE Linux Enterprise Server 11 L1 v2.0.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple macOS 10.12 L1 v1.1.0 | Unix | ACCESS CONTROL |
6.11 Set 'Never allow users to specify groups when restricting permission for documents' to 'Enabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'daemon' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'nobody4' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'smmsp' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for '' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for 'nobody' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for 'uucp' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
10.18 Setting Security Lifecycle Listener (check for umask present in startup) | CIS Apache Tomcat 8 L1 v1.0.1 | Unix | ACCESS CONTROL |
20.36 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' | CIS Microsoft Windows Server 2016 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
Configure Role-Based Access Control - 'security.authorization = enabled' | TNS MongoDB 2.6 Best Practices Windows OS Audit v1.0 | Windows | ACCESS CONTROL |
Ensure External Authorization Provider is Enabled | TNS IBM WebSphere Application Server 9 Linux Best Practices | Unix | ACCESS CONTROL |
Ensure External Authorization Provider is Enabled | TNS IBM WebSphere Application Server 9 Windows Best Practices | Windows | ACCESS CONTROL |
Local intranet Zone - Set 'Logon' to Prompt for user name and password | MS Security Advisory 2963983 Mitigation Settings audit | Windows | ACCESS CONTROL |
Logon options - Restricted Sites Zone | MSCT Windows 10 v1703 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 1607 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2022 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v1709 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
Remote user login policy | Tenable Cisco ACI | Cisco_ACI | ACCESS CONTROL |
SalesForce.com : Setting Session Security - 'Review Inactive Users' | TNS Salesforce Best Practices Audit v1.1.0 | Salesforce.com | ACCESS CONTROL |
User IDs which disclose the privileges associated with it, should not be created. 'nologin' | TNS IBM HTTP Server Best Practice | Unix | ACCESS CONTROL |
vNetwork : verify-dvfilter-bind | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
vNetwork : verify-dvfilter-bind | VMWare vSphere 6.5 Hardening Guide | VMware | ACCESS CONTROL |