Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.7 Ensure udf kernel module is not availableCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.4.1 Ensure separate partition exists for /varCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.3.1.5 Ensure the SELinux mode is enforcingCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.4.2 Ensure access to bootloader config is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.5.1 Ensure address space layout randomization is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SYSTEM AND INFORMATION INTEGRITY

1.5.3 Ensure core dump backtraces are disabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.6.1 Ensure system wide crypto policy is not set to legacyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.4 Ensure system wide crypto policy disables macs less than 128 bitsCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.6 Ensure system wide crypto policy disables chacha20-poly1305 for sshCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7.2 Ensure local login warning banner is configured properlyCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

1.8.1 Ensure GNOME Display Manager is removedCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

1.8.4 Ensure GDM screen locks when the user is idleCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

1.8.5 Ensure GDM screen locks cannot be overriddenCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

1.8.8 Ensure GDM autorun-never is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

MEDIA PROTECTION

2.1.13 Ensure rsync services are not in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.15 Ensure telnet server services are not in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.20 Ensure X window server services are not in useCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

2.2.3 Ensure nis client is not installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.4.1.1 Ensure cron daemon is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.4.1.5 Ensure permissions on /etc/cron.weekly are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

2.4.2.1 Ensure at is restricted to authorized usersCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

3.2.1 Ensure dccp kernel module is not availableCIS Red Hat Enterprise Linux 9 v2.0.0 L2 ServerUnix

CONFIGURATION MANAGEMENT

3.3.6 Ensure secure icmp redirects are not acceptedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.7 Ensure reverse path filtering is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

3.3.10 Ensure tcp syn cookies is enabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

4.1.1 Ensure nftables is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld drops unnecessary services and portsCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.3.4 Ensure nftables loopback traffic is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on SSH public host key files are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure sshd Banner is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.1.15 Ensure sshd LogLevel is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.1.20 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.3 Ensure sudo log file existsCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

5.3.1.3 Ensure latest version of libpwquality is installedCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

SYSTEM AND INFORMATION INTEGRITY

5.3.3.1.1 Ensure password failed attempts lockout is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.4.1.5 Ensure inactive password lock is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.4.1.6 Ensure all users last password change date is in the pastCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

6.2.1.1 Ensure journald service is enabled and activeCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.1.4 Ensure only one logging system is in useCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.2.1.2 Ensure systemd-journal-upload authentication is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.2.3.4 Ensure rsyslog log file creation mode is configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

6.2.4.1 Ensure access to all logfiles has been configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.4 Ensure permissions on /etc/group- are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.8 Ensure permissions on /etc/gshadow- are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.9 Ensure permissions on /etc/shells are configuredCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.12 Ensure no files or directories without an owner and a group existCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.2.3 Ensure all groups in /etc/passwd exist in /etc/groupCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.2.6 Ensure no duplicate user names existCIS Red Hat Enterprise Linux 9 v2.0.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION