Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure the appropriate MongoDB software version/patches are installed	CIS MongoDB 3.6 Database Audit L1 v1.1.0	MongoDB	SYSTEM AND SERVICES ACQUISITION
2.1 Ensure that authentication is enabled for MongoDB databases	CIS MongoDB 3.4 L1 Unix Audit v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception	CIS MongoDB 3.4 L1 Unix Audit v1.0.0	Unix	CONFIGURATION MANAGEMENT
2.3 Ensure authentication is enabled in the sharded cluster	CIS MongoDB 3.4 L1 Unix Audit v1.0.0	Unix	IDENTIFICATION AND AUTHENTICATION
3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase	CIS MongoDB 3.4 Database Audit L2 v1.0.0	MongoDB	ACCESS CONTROL
3.6 Review Superuser/Admin Roles - dbOwner	CIS MongoDB 3.4 Database Audit L2 v1.0.0	MongoDB	ACCESS CONTROL
3.6 Review Superuser/Admin Roles - hostManager	CIS MongoDB 3.4 Database Audit L2 v1.0.0	MongoDB	ACCESS CONTROL
3.6 Review Superuser/Admin Roles - hostManager	CIS MongoDB 3.6 Database Audit L1 v1.1.0	MongoDB	ACCESS CONTROL
4.1 Ensure TLS or SSL protects all network communications	CIS MongoDB 3.4 L1 Unix Audit v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
5.1 Ensure that system activity is audited	CIS MongoDB 3.6 L1 Unix Audit v1.1.0	Unix	AUDIT AND ACCOUNTABILITY
5.2.4.1 Ensure the audit log directory is 0750 or more restrictive	CIS CentOS Linux 7 v4.0.0 L2 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.1 Ensure the audit log directory is 0750 or more restrictive	CIS Amazon Linux 2 v3.0.0 L2	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.1 Ensure the audit log directory is 0750 or more restrictive	CIS AlmaLinux OS 8 Workstation L2 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.1 Ensure the audit log directory is 0750 or more restrictive	CIS Red Hat EL8 Server L2 v3.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.1 Ensure the audit log directory is 0750 or more restrictive	CIS Rocky Linux 8 Workstation L2 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2.4.4 Ensure the audit log directory is 0750 or more restrictive	CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1 Mongodb Database Running with Least Privileges	CIS MongoDB 3.4 L1 Unix Audit v1.0.0	Unix	ACCESS CONTROL
6.2.4.4 Ensure the audit log file directory mode is configured	CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.3 Ensure that server-side scripting is disabled if not needed	CIS MongoDB 3.6 L2 Unix Audit v1.1.0	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
6.4 Ensure that server-side scripting is disabled if not needed	CIS MongoDB 3.2 L2 Unix Audit v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.4.4.4 Ensure the audit log file directory mode is configured	CIS Debian Linux 11 v2.0.0 L2 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.2 Ensure that database file permissions are set correctly	CIS MongoDB 3.6 L1 Unix Audit v1.1.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
17.2.3 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION
17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	AUDIT AND ACCOUNTABILITY
18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.39.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
18.9.39.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
18.9.39.1 Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
Configuring a pre-login or post-login message banner for the BIG-IP or Enterprise Manager system - Banner Text	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Configuring a secure password policy for the BIG-IP system - Minimum Length	Tenable F5 BIG-IP Best Practice Audit	F5	IDENTIFICATION AND AUTHENTICATION
Configuring an automatic logout for idle sessions - Configuration utility	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Configuring CIDR Network Addresses for the BIG-IP packet filter - Filter established connections	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Configuring CIDR Network Addresses for the BIG-IP packet filter - Packet filter logging	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Configuring cookie encryption within the HTTP profile	Tenable F5 BIG-IP Best Practice Audit	F5	SYSTEM AND COMMUNICATIONS PROTECTION
Configuring LDAP remote authentication for Active Directory - Scope	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Configuring LDAP remote authentication for Active Directory - SSL	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Configuring LDAP remote authentication for Active Directory - SSL Client Cert	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Configuring LDAP remote authentication for Active Directory - SSL Client Key	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
Configuring the BIG-IP system to enforce the use of strict passwords	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Disabling the admin account	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Overview of Appliance mode	Tenable F5 BIG-IP Best Practice Audit	F5	ACCESS CONTROL
Overview of port lockdown behavior	Tenable F5 BIG-IP Best Practice Audit	F5	CONFIGURATION MANAGEMENT
Preserving or modifying HTTP response headers removed by the BIG-IP ASM system	Tenable F5 BIG-IP Best Practice Audit	F5	SYSTEM AND COMMUNICATIONS PROTECTION
SQL2-00-018500 - SQL Server must ensure users are authenticated with an individual authenticator prior to using a shared authenticator.	DISA STIG SQL Server 2012 DB Instance Security v1r20	MS_SQLDB	IDENTIFICATION AND AUTHENTICATION
UBTU-18-010305 - The Ubuntu operating system must be configured so that audit log files cannot be read or write-accessible by unauthorized users.	DISA STIG Ubuntu 18.04 LTS v2r15	Unix	AUDIT AND ACCOUNTABILITY
UBTU-18-010307 - The Ubuntu operating system must permit only authorized groups to own the audit log files.	DISA STIG Ubuntu 18.04 LTS v2r15	Unix	AUDIT AND ACCOUNTABILITY
UBTU-24-901300 - Ubuntu 24.04 LTS must be configured so that audit log files are not read or write-accessible by unauthorized users.	DISA Canonical Ubuntu 24.04 LTS STIG v1r1	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search