Item Search

Name	Audit Name	Plugin	Category
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/docs	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
1.1 Remove extraneous files and directories - CATALINA_HOME/webapps/examples	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
1.5.3 Configure Netflow on Strategic Ports	CIS Cisco NX-OS v1.2.0 L2	Cisco	AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY
1.10 Use Dedicated "mgmt" Interface and VRF for Administrative Functions	CIS Cisco NX-OS v1.2.0 L2	Cisco	CONFIGURATION MANAGEMENT, MAINTENANCE
2.1 Ensure Authentication is configured	CIS MongoDB 6 v1.2.0 L1 MongoDB	Windows	IDENTIFICATION AND AUTHENTICATION
2.1.2 Ensure 'ADMIN_RESTRICTIONS_' Is Set to 'ON'	CIS Oracle Server 19c Linux v1.2.0	Unix	ACCESS CONTROL
2.2 Ensure that MongoDB does not bypass authentication via the localhost exception	CIS MongoDB 6 v1.2.0 L1 MongoDB	Unix	IDENTIFICATION AND AUTHENTICATION
2.3.1 Ensure 'ENCRYPTION_SERVER' Is Set to 'REQUIRED'	CIS Oracle Server 19c Linux v1.2.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.6.2 Enable Gatekeeper	CIS Apple macOS 10.12 L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.6.5 Review Application Firewall Rules	CIS Apple macOS 10.12 L1 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.7 Ensure Sever Header is Modified To Prevent Information Disclosure	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.7.1 iCloud configuration	CIS Apple macOS 10.12 L2 v1.2.0	Unix	ACCESS CONTROL
2.7.2 iCloud keychain	CIS Apple macOS 10.12 L2 v1.2.0	Unix	ACCESS CONTROL
2.7.4 iCloud Drive Document sync	CIS Apple macOS 10.12 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.8.2 Time Machine Volumes Are Encrypted	CIS Apple macOS 10.12 L1 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.1 Enable security auditing	CIS Apple macOS 10.12 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.1.1.1 Configure EIGRP Authentication on all EIGRP Routing Devices	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
3.2 Configure Security Auditing Flags - 'audit successful/failed login/logout events'	CIS Apple macOS 10.12 L2 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
3.2 Ensure that role-based access control is enabled and configured appropriately	CIS MongoDB 6 v1.2.0 L1 MongoDB	MongoDB	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
3.2 Ensure that role-based access control is enabled and configured appropriately - roles	CIS MongoDB 5 L1 DB v1.2.0	MongoDB	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privileges	CIS MongoDB 5 L1 DB v1.2.0	MongoDB	ACCESS CONTROL
3.5 Review Superuser/Admin Roles - dbAdminAnyDatabase	CIS MongoDB 5 L2 DB v1.2.0	MongoDB	ACCESS CONTROL
4.2 Ensure Weak Protocols are Disabled	CIS MongoDB 6 v1.2.0 L1 MongoDB	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
4.2 Ensure Weak Protocols are Disabled	CIS MongoDB 6 v1.2.0 L1 MongoDB	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
4.3 Configure Alerts on all Configuration Changes	CIS Cisco NX-OS v1.2.0 L2	Cisco	CONFIGURATION MANAGEMENT
4.4 Ensure http server is not running	CIS Apple macOS 10.12 L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
4.6 Ensure nfs server is not running	CIS Apple macOS 10.12 L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
4.7 Restrict access to Tomcat web application directory	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1 Ensure that system activity is audited	CIS MongoDB 6 v1.2.0 L1 MongoDB	Windows	AUDIT AND ACCOUNTABILITY
5.1.1 Secure Home Folders	CIS Apple macOS 10.12 L1 v1.2.0	Unix	CONFIGURATION MANAGEMENT
5.2.3 Complex passwords must contain an Alphabetic Character	CIS Apple macOS 10.12 L2 v1.2.0	Unix
5.2.5 Complex passwords must contain a Special Character	CIS Apple macOS 10.12 L2 v1.2.0	Unix
5.2.6 Complex passwords must uppercase and lowercase letters	CIS Apple macOS 10.12 L2 v1.2.0	Unix
5.2.7 Password Age	CIS Apple macOS 10.12 L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.7 Enable OCSP and CRL certificate checking - CRLStyle	CIS Apple macOS 10.12 L2 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
5.9 Disable automatic login	CIS Apple macOS 10.12 L1 v1.2.0	Unix	ACCESS CONTROL
5.20 System Integrity Protection status	CIS Apple macOS 10.12 L1 v1.2.0	Unix	SYSTEM AND INFORMATION INTEGRITY
6.1 Ensure that MongoDB uses a non-default port	CIS MongoDB 6 v1.2.0 L1 MongoDB	Unix	CONFIGURATION MANAGEMENT
6.1.2 Disable 'Show password hints' - Show password hints	CIS Apple macOS 10.12 L1 v1.2.0	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.3 Disable guest account login	CIS Apple macOS 10.12 L1 v1.2.0	Unix	ACCESS CONTROL
6.3 Disable the automatic run of safe files in Safari	CIS Apple macOS 10.12 L1 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
7.1 Ensure appropriate key file permissions are set	CIS MongoDB 6 v1.2.0 L1 MongoDB	Unix	IDENTIFICATION AND AUTHENTICATION
7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
7.3 Computer Name Considerations	CIS Apple macOS 10.12 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
7.4 Ensure directory in context.xml is a secure location - permissions	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
7.5 Ensure pattern in context.xml is correct	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
10.6 Enable strict servlet Compliance	CIS Apache Tomcat 9 L2 v1.2.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASH	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL

Detections

Analytics

Item Search