Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - lsmod	CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - lsmod	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - modprobe	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobe	CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobe	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobe	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.2 Ensure sticky bit is set on all world-writable directories	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.3 Ensure nodev option set on /tmp partition	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.16 Ensure nosuid option set on /dev/shm partition	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.4.2 Ensure bootloader password is set - 'passwd_pbkdf2'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.4.2 Ensure bootloader password is set - 'set superusers'	CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - limits.conf, limits.d/*	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.1 Ensure core dumps are restricted - sysctl	CIS Oracle Linux 6 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.5.2 Ensure bootloader password is set - 'set superusers'	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.4 Ensure core dumps are restricted - processsizemax	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.4 Ensure core dumps are restricted - sysctl	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.6.4 Ensure core dumps are restricted - sysctl config	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.1.4 Ensure permissions on /etc/motd are configured	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
1.8.1.5 Ensure permissions on /etc/issue are configured	CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.1 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirects (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_route	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.default.accept_source_route	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirects (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - net.ipv6.conf.all.accept_redirects (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.all.accept_redirects	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d)	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.3.5 Ensure permissions on /etc/hosts.deny are configured	CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - /etc/localtime	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - adjtimex (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - adjtimex (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.5 Ensure events that modify the system's network environment are collected - /etc/network	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d/	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (64-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.9 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr/removexattr	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod	CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit)	CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0	Unix	CONFIGURATION MANAGEMENT
6.1.13 Audit SUID executables	CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
18.9.28.5 Ensure 'Turn off app notifications on the lock screen' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
19.7.8.5 Ensure 'Turn off Spotlight collection on Desktop' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search