Item Search

Name	Audit Name	Plugin	Category
1.1.13 Ensure /var/tmp partition includes the nodev option	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION
1.1.20 Ensure removable media partitions include noexec option	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.2.7 Ensure DNS Server is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.2.19 Ensure rsync is not installed or the rsyncd service is masked	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.3.1 Ensure NIS Client is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL
3.3.4 Ensure secure ICMP redirects are not accepted	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.6 Ensure broadcast ICMP requests are ignored	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.9 Ensure TCP SYN Cookies is enabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.5.2.6 Ensure nftables base chains exist	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.10 Ensure nftables service is enabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1.3 Ensure firewalld is either not installed or masked with iptables	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.2.4 Ensure iptables default deny firewall policy	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.3.5 Ensure ip6tables rules are saved	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.4 Defend against Denial of Service Attacks	CIS ISC BIND 9.0/9.5 v2.0.0	Unix
5.3.6 Ensure SSH access is limited	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.3.7 Ensure SSH LogLevel is appropriate	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
5.3.13 Ensure SSH PermitEmptyPasswords is disabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.14 Ensure SSH PermitUserEnvironment is disabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.18 Ensure only strong Key Exchange algorithms are used	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.19 Ensure SSH Idle Timeout Interval is configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.20 Ensure SSH LoginGraceTime is set to one minute or less	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.22 Ensure SSH PAM is enabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.4.1 Ensure password creation requirements are configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	IDENTIFICATION AND AUTHENTICATION
5.5.3 Ensure default group for the root account is GID 0	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.5.4 Ensure default user shell timeout is configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL
5.6 Ensure root login is restricted to system console	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND SERVICES ACQUISITION
6.1.7 Ensure permissions on /etc/gshadow are configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.11 Ensure no unowned files or directories exist	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.9 Ensure root is the only UID 0 account	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.11 Ensure all users' home directories exist	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
6.2.12 Ensure users own their home directories	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.10.2 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.6.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.22.1.6 (L2) Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.9 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.10 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.13 (L2) Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.37.2 (L2) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.3.1 (L2) Ensure 'Do not allow COM port redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.3.4 (L2) Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	ACCESS CONTROL
OH12-1X-000287 - OHS must have the ListenBacklog properly set to restrict the ability of users to launch Denial of Service (DoS) attacks against other information systems or networks.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search