1.5.7 Ensure kernel core dumps are disabled. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
1.9 Ensure updates, patches, and additional security software are installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
2.005 - Systems must be at supported service packs (SP) or releases levels. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
4.2.1.4 Ensure logging is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
6.2.13 Ensure users' home directories permissions are 750 or more restrictive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
6.2.20 Ensure that all files and directories contained in local interactive user home directories are owned by the user | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
6.2.23 Ensure local interactive users' dot files for are owned by the user or root. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
Big Sur - Enable Firmware Password | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Big Sur - Enable Firmware Password | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Big Sur - Secure User's Home Folders | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Big Sur - Secure User's Home Folders | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Catalina - Disable Password Hints | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Password Hints | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
Catalina - Disable Password Hints | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
Catalina - Secure User's Home Folders | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
Catalina - Secure User's Home Folders | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
DTOO206 - Office System - Inclusion of document properties for PDF and XPS output must be disallowed. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
DTOO212 - Office System - Blogging entries created from inside Office products must be configured for Sharepoint only. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
GEN000340 - UIDs reserved for system accounts must not be assigned to non-system accounts. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN000945 - The root account's library search path must be the system default and must contain only absolute paths. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN000950 - The root account's list of preloaded libraries must be empty. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001605 - Run control scripts' library search paths must contain only absolute paths. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/security/.profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001840 - All global initialization files' executable search paths must contain only absolute paths - '/etc/csh.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001840 - All global initialization files' executable search paths must contain only absolute paths - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/bashrc' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/security/environ' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001980 - The /etc/group file must not contain a plus (+) without defining entries for NIS+ netgroups - '/etc/group' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN001980 - The shosts.equiv file must not contain a plus (+) without defining entries for NIS+ netgroups - '~/shosts.equiv' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN002100 - The .rhosts file must not be supported in PAM. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN004580 - The system must not use .forward files. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN004680 - The SMTP service must not have the VRFY feature active. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN004800 - Unencrypted FTP must not be used on the system - 'ftp is disabled' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005080 - The TFTP daemon must operate in 'secure mode' which provides access only to a single directory on the host - Not Applicable | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005201 - X11 forwarding for SSH must be disabled. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
GEN005202 - The sshd server must bind the X11 forwarding server to the loopback address. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
GEN005202 - The sshd server must bind the X11 forwarding server to the loopback address. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
GEN005511 - The SSH client must be configured to not use CBC-based ciphers. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005524 - The SSH daemon must not permit GSSAPI authentication unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005540 - The SSH daemon must be configured for IP filtering - '/etc/hosts.deny' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005590 - The system must not be running any routing protocol daemons, unless the system is a router. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005600 - IP forwarding for IPv4 must not be enabled, unless the system is a router. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN005840 - The NFS server must be configured to restrict file system access to local hosts - 'All exports contain ro or rw' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN006230 - Samba must be configured to use encrypted passwords. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
GEN008640 - The system must not use removable media as the boot loader - 'prevboot' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
Monterey - Configure Gatekeeper to Disallow End User Override | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
Monterey - Disable Unattended or Automatic Logon to the System | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
Monterey - Disable Unattended or Automatic Logon to the System | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |