Item Search

Name	Audit Name	Plugin	Category
1.1.5 Ensure nosuid option set on /tmp partition	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION
1.1.13 Ensure /var/tmp partition includes the nodev option	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION
1.1.20 Ensure removable media partitions include noexec option	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.25 Ensure sticky bit is set on all world-writable directories	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION
1.3.2 Ensure filesystem integrity is regularly checked	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
1.5.1 Ensure core dumps are restricted	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.5.3 Ensure address space layout randomization (ASLR) is enabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SYSTEM AND INFORMATION INTEGRITY
1.6.1.1 Ensure SELinux is installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.7.2 Ensure local login warning banner is configured properly	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.9 Ensure updates, patches, and additional security software are installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.1.2 Ensure chrony is configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	AUDIT AND ACCOUNTABILITY
2.2.11 Ensure Samba is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.2.13 Ensure net-snmp is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.2.15 Ensure telnet-server is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.3.4 Ensure telnet client is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.3.5 Ensure LDAP client is not installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
2.3.10.4 (L2) Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.4 Ensure nonessential services are removed or masked	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT
3.3.2 Ensure ICMP redirects are not accepted	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.3.10 Ensure IPv6 router advertisements are not accepted	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
3.5.1.2 Ensure iptables-services not installed with firewalld	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.2 Ensure firewalld is either not installed or masked with nftables	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.3 Ensure iptables-services not installed with nftables	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.7 Ensure nftables loopback traffic is configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.11 Ensure nftables rules are permanent	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.2.2 Ensure iptables outbound and established connections are configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.8 Ensure Handler is not granted Write and Script/Execute - Applications	CIS IIS 7 L1 v1.8.0	Windows	ACCESS CONTROL
5.1.2 Ensure permissions on /etc/crontab are configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.9 Ensure at is restricted to authorized users	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.2 (L2) Ensure 'Print Spooler (Spooler)' is set to 'Disabled' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
5.2.1 Ensure sudo is installed	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.4 Ensure permissions on SSH private host key files are configured	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.3.10 Ensure SSH IgnoreRhosts is enabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.11 Ensure SSH HostbasedAuthentication is disabled	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
5.3.25 Ensure SSH MaxSessions is limited	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation	Unix	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.3 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.8 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.48.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.41.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.47.4.1 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.3.3 (L2) Ensure 'Do not allow LPT port redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.10.2 (L2) Ensure 'Set time limit for disconnected sessions' is set to 'Enabled: 1 minute'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	ACCESS CONTROL
18.9.90.3 (L2) Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - used	DISA STIG Solaris 10 SPARC v2r4	Unix	AUDIT AND ACCOUNTABILITY
OH12-1X-000287 - OHS must have the ListenBacklog properly set to restrict the ability of users to launch Denial of Service (DoS) attacks against other information systems or networks.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search