Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.5 Ensure AIDE is configured to use FIPS 140-2 - installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.4.1 Ensure bootloader password is set - password grubCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.4.4 Ensure boot loader does not allow removable mediaCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.5.8 Ensure DNS is servers are configured - nameserver 2CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.5.8 Ensure DNS is servers are configured - no dnsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.7.8 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured - issueCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.8.8 Ensure users must authenticate users using MFA via a graphical user logonCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

2.2.2 Ensure X11 Server components are not installed - rpmCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

2.2.8 Ensure FTP Server is not installed - FTP server package installed unless needed.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

2.2.24 Ensure NFS is configured to use RPCSEC_GSS - NFS is configured to use RPCSEC_GSS.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

2.2.26 Ensure ldap_tls_cacert is set for LDAP - fileCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

3.2.1 Ensure IP forwarding is disabled - configCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.2.2 Ensure packet redirect sending is disabled - sysctl allCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - config all ipv4CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.1 Ensure source routed packets are not accepted - config all ipv6CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - config defaultCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.2 Ensure ICMP redirects are not accepted - sysctl defaultCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.5.3.2.3 Ensure iptables rules exist for all open ports - PPSM CLSA and vulnerability assessments.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

4.1.2.5 Ensure system is disabled when audit logs are full - at a minimum when the threshold for the repository maximum audit record storage capacity is reached.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - delete_module 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.9 Ensure file deletion events by users are collected - rename 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.9 Ensure file deletion events by users are collected - renameat 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.9 Ensure file deletion events by users are collected - renameat 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EACCES 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EPERM 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - openat EACCES 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.12 Ensure discretionary access control permission modification events are collected - fremovexattr 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - removexattr 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - removexattr 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.14 Ensure events that modify user/group information are collected - groupCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.1.3.16 Ensure auditing of the unix_chkpwd commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.17 Ensure audit of the gpasswd commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.26 Ensure audit of the rmdir syscall - 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.31 Ensure audit of the create_module syscall - 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.40 Ensure audit all uses of the newgrp commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

5.2.4 Ensure users must provide password for escalationCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.2.5 Ensure users must re-authenticate for privilege escalationCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.2.6 Ensure the sudoers file restricts sudo access to authorized personnel - sudoers.dCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.2.8 Ensure users password required for privilege escalation when using sudo - targetpwCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.3.1 Ensure SSH is installedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.3.2 Ensure SSH is runningCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

SYSTEM AND COMMUNICATIONS PROTECTION

5.3.5 Ensure permissions on SSH public host key files are configuredCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.3.11 Ensure SSH HostbasedAuthentication is disabledCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveIntervalCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.29 Ensure SSH Protocol is set to 2CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.4.8 Ensure date and time of last successful logon - showfailedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.4.13 Ensure lockout for unsuccessful root logon attempts - system-auth defaultCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

6.1.12 Ensure no ungrouped files or directories existCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

6.2.11 Ensure all users' home directories exist - such as /home or an equivalent.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

6.2.12 Ensure users own their home directoriesCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT