Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.4 Ensure DHCP services are disabled for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.6 Apply Local-in PoliciesCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, MEDIA PROTECTION, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.7 Ensure default Admin ports are changedCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, MEDIA PROTECTION, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure ICMP is restricted for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ensure DNS services are configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2.1 Configure BGP to Log Neighbor ChangesCIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2.3 Configure BGP AuthenticationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure intrusion prevention is enabled for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2.2 Disable ICMP Redirects on all Layer 3 InterfacesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Disable Proxy ARP on all Layer 3 InterfacesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.4 Disable IP Directed Broadcasts on all Layer 3 InterfacesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.5 Disable IP Source-RoutingCIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure firewall policy denying all traffic to/from Tor, malicious server, or scanner IP addresses using ISDBCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure packet fragments are restricted for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1 Configure DHCP TrustCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.1.4 Ensure IPv6 firewall rules exist for all open portsCIS Google Container-Optimized OS v1.2.0 L2 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Configure Storm ControlCIS Cisco NX-OS v1.2.0 L2Cisco

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, INCIDENT RESPONSE, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.4.1 Configure LLDPCIS Cisco NX-OS v1.2.0 L1Cisco

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.5.2 Configure FCoE ZoningCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.8 Ensure 'security-level' is set to '0' for Internet-facing interfaceCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure Botnet protection is enabled for untrusted interfacesCIS Cisco ASA 9.x Firewall L2 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure Botnet protection is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Ensure explicit deny in access lists is configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3 Audit Network Specific LocationsCIS Apple macOS 10.14 v2.0.0 L2Unix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 Ensure that 'trusted locations' are definedCIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION