Item Search

NameAudit NamePluginCategory
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobeCIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmodCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobeCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmodCIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmodCIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmodCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure mounting of udf filesystems is disabled - lsmodCIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.3 Ensure nodev option set on /tmp partitionCIS Debian 8 Server L1 v2.0.2Unix

CONFIGURATION MANAGEMENT

1.1.21 Ensure sticky bit is set on all world-writable directoriesCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

1.4 Ensure systemd Service Files Are EnabledCIS PostgreSQL 11 OS v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.1 Ensure permissions on bootloader config are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.2 Ensure bootloader password is set - 'passwd_pbkdf2'CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

1.6.4 Ensure core dumps are restricted - storageCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.6.4 Ensure core dumps are restricted - sysctl configCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.8.1.4 Ensure permissions on /etc/motd are configuredCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.26.1 (L1) Ensure 'Disable Bing chat entry-points on Microsoft Edge Enterprise new tab page' is set to 'Disabled'CIS Microsoft Edge v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

1.135 (L2) Ensure 'Enable QR Code Generator' is set to 'Disabled'CIS Microsoft Edge v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

2.4 Set noexec option for /tmp PartitionCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.4.2 Ensure 'IMAP4' Windows services are 'Disabled'CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0Windows

CONFIGURATION MANAGEMENT

2.9 Create Separate Partition for /homeCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.10 Add nodev Option to /homeCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.12 Add noexec Option to Removable Media PartitionsCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.14 Add nodev Option to /run/shm PartitionCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.14 Ensure 'sa' Login Account has been renamedCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.14 Ensure 'sa' Login Account has been renamedCIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.16 Add noexec Option to /run/shm PartitionCIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

2.17 Ensure no login exists with the name 'sa'CIS SQL Server 2014 Database L1 AWS RDS v1.5.0MS_SQLDB

CONFIGURATION MANAGEMENT

3.1 Ensure a fully-synchronized High Availability peer is configuredCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

CONFIGURATION MANAGEMENT

3.1.2 Ensure IP forwarding is disabled - sysctl ipv4CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.1.16 Ensure 'debug_print_plan' is disabledCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

CONFIGURATION MANAGEMENT

3.2 Ensure 'High Availability' requires Link Monitoring and/or Path MonitoringCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0Palo_Alto

CONFIGURATION MANAGEMENT

3.2.1 Ensure packet redirect sending is disabled - net.ipv4.conf.all.send_redirects (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.1 Ensure packet redirect sending is disabled - sysctl net.ipv4.conf.default.send_redirectsCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.default.accept_redirects (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - net.ipv6.conf.default.accept_redirects (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.default.accept_redirectsCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirectsCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.secure_redirects'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.default.rp_filter'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.2.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra'CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - net.ipv4.conf.default.accept_source_route (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_routeCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_routeCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

3.3.6 Ensure bogus ICMP responses are ignored - (sysctl exec)CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/CIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux/CIS Distribution Independent Linux Workstation L2 v2.0.0Unix

CONFIGURATION MANAGEMENT

6.2.7 Ensure root PATH IntegrityCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

6.2.11 Ensure no users have .forward filesCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

CONFIGURATION MANAGEMENT

9.2 Ensure 'MASTER_SSL_VERIFY_SERVER_CERT' is enabledCIS MariaDB 10.6 Database L1 v1.1.0MySQLDB

CONFIGURATION MANAGEMENT