Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure freevxfs kernel module is not availableCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.2.1.3 Ensure nosuid option set on /tmp partitionCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.2.1 Ensure /dev/shm is a separate partitionCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.2.3.2 Ensure nodev option set on /home partitionCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.3 Ensure nosuid option set on /var/log partitionCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.7.3 Ensure nosuid option set on /var/log/audit partitionCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.2.2 Ensure gpgcheck is globally activatedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

1.5.1.2 Ensure SELinux is not disabled in bootloader configurationCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.5.1.3 Ensure SELinux policy is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

1.6.4 Ensure access to /etc/motd is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2.2 Ensure avahi daemon services are not in useCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.5 Ensure dnsmasq services are not in useCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.17 Ensure web proxy server services are not in useCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.1.1 Ensure IPv6 status is identifiedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.1.2 Ensure wireless interfaces are disabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.1 Ensure ip forwarding is disabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.6 Ensure secure icmp redirects are not acceptedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.4.1.2 Ensure a single firewall configuration utility is in useCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.2.3 Ensure firewalld drops unnecessary services and portsCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.3 Ensure an nftables table existsCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.3.4 Ensure nftables base chains existCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.1.1 Ensure iptables packages are installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.4 Ensure iptables default deny firewall policyCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4.4.2.6 Ensure iptables service is enabled and activeCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.1.1.4 Ensure permissions on /etc/cron.daily are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.1.1.6 Ensure permissions on /etc/cron.monthly are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.2 Ensure permissions on SSH private host key files are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.4 Ensure sshd access is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.5 Ensure sshd Banner is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.2.15 Ensure sshd MACs are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.16 Ensure sshd MaxAuthTries is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.20 Ensure sshd PermitRootLogin is disabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.2.22 Ensure sshd UsePAM is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

4.3.1 Ensure sudo is installedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.3.7 Ensure access to the su command is restrictedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

4.4.2.1.1 Ensure pam_faillock module is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

4.4.2.2.5 Ensure password same consecutive characters is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

4.5.1.4 Ensure inactive password lock is 30 days or lessCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

4.5.3.2 Ensure default user shell timeout is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.1.2.3 Ensure journald is configured to compress large log filesCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.1.2.5 Ensure journald is not configured to send logs to rsyslogCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.3.2 Ensure filesystem integrity is regularly checkedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

6.1.4 Ensure permissions on /etc/group- are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.6 Ensure permissions on /etc/shadow- are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure permissions on /etc/shells are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.12 Ensure no unowned or ungrouped files or directories existCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.13 Ensure SUID and SGID files are reviewedCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.9 Ensure root is the only UID 0 accountCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL

6.2.11 Ensure local interactive user dot files access is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION