Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1.6 Ensure cryptographic verification of vendor software packagesCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.4.5 Ensure a unique name is set as the superusers account (BIOS)CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.5.12 Ensure kernel image loading is disabledCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.6.11 Ensure the operating system implements certificate status checking for multifactor authenticationCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

1.8.17 Ensure the operating system prevents users from overriding the screensaver lock-enabled setting for the graphical user interfaceCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.11 Ensure the mailx package is installedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.12 Ensure the operating system accepts PIV credentialsCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

1.99 RHEL-09-231160CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT IIUnix

CONFIGURATION MANAGEMENT

2.1.6 Ensure ftp server services are not in useCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.32 Ensure the tuned package has not been installed on the systemCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

2.6.1 Ensure fapolicyd is installedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.1.26 Ensure sshd ClientAliveInterval is configuredCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.2.9 Ensure sudo timestamp_timeout is configuredCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.3.6.2 Ensure SSSD prohibits the use of cached authentications after one dayCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.3.8 Ensure the umask default for installed shells is "077"CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.4.3.10 Ensure the operating system initiates a session lock after 15 minutes of inactivityCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

6.2.2.10 Ensure rsyslog is configured to log cron eventsCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.3.3.7 Ensure unsuccessful file access attempts are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.13 Ensure file deletion events by users are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.13 Ensure file deletion events by users are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.31 Ensure successful and unsuccessful attempts to use the setsebool command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

6.3.3.38 Ensure successful and unsuccessful attempts to use the umount command are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

7.1.19 Ensure world-writable directories owner is configuredCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

7.1.21 Ensure local initialization files do not execute world-writable programsCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

7.2.2 Ensure /etc/shadow password fields are not emptyCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

DG0032-ORACLE11 - Audit records should be restricted to authorized individuals - 'AUD$ table access is restricted'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0071-ORACLE11 - New passwords must be required to differ from old passwords by more than four characters - 'PASSWORD_VERIFY_FUNCTION is not set to NULL or DEFAULT'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0078-ORACLE11 - Each database user, application or process should have an individually assigned account.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0105-ORACLE11 - DBMS application user roles should not be assigned unauthorized privileges.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0127-ORACLE11 - DBMS account passwords should not be set to easily guessed words or values - 'profile'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0135-ORACLE11 - Users should be alerted upon login of previous successful connections or unsuccessful attempts to access their account.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0159-ORACLE11 - Remote administrative access to the database should be monitored by the IAO or IAM.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0166-ORACLE11 - Asymmetric keys should use DoD PKI Certificates and be protected in accordance with NIST (unclassified data) or NSA (classified data) approved key management and processes.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DG0186-ORACLE11 - The database should not be directly accessible from public or unauthorized networks.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0187-ORACLE11 - DBMS software libraries should be periodically backed up.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DG0198-ORACLE11 - Remote administration of the DBMS should be restricted to known, dedicated and encrypted network addresses and ports.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DO0155-ORACLE11 - Only authorized system accounts should have the SYSTEM tablespace specified as the default tablespace - 'Tablespace not set to SYSTEM'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0210-ORACLE11 - Access to default accounts used to support replication should be restricted to authorized DBAs - 'sys.dba_repcatlog count = 0'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0233-ORACLE11 - The /diag subdirectory under the directory assigned to the DIAGNOSTIC_DEST parameter must be protected from unauthorized access.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0234-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter should be protected from unauthorized access - 'audit_trail value = TRUE, OS, XML or XML, EXTENDED'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0238-ORACLE11 - The directories assigned to the LOG_ARCHIVE_DEST* parameters should be protected from unauthorized access - 'log_archive_dest_n parameter is configured'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0250-ORACLE11 - Fixed user and public database links should be authorized for use - 'Database links are documented'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO0260-ORACLE11 - A minimum of two Oracle control files should be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device.DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO3696-ORACLE11 - The Oracle RESOURCE_LIMIT parameter should be set to TRUE - 'resource_limit = true'DISA STIG Oracle 11 Instance v9r1 DatabaseOracleDB
DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_LEVEL_SERVER'DISA STIG Oracle 11 Installation v9r1 WindowsWindows
WA000-WWA022 A22 - The KeepAlive directive must be enabled.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WA000-WWA024 A22 - The KeepAliveTimeout directive must be defined.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix