Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure hfs kernel module is not availableCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.7 Ensure unused filesystems kernel modules are not availableCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.1.3 Ensure nosuid option set on /tmp partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.1.4 Ensure noexec option set on /tmp partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.2.4 Ensure noexec option set on /dev/shm partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.2.3.2 Ensure nodev option set on /home partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.4.3 Ensure nosuid option set on /var partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

1.1.2.6.2 Ensure nodev option set on /var/log partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.6.3 Ensure nosuid option set on /var/log partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.7.4 Ensure noexec option set on /var/log/audit partitionCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.3.1 Ensure authentication required for single user modeCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.5.1 Ensure core file size is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.2 Ensure fs.protected_hardlinks is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

1.5.6 Ensure kernel.kptr_restrict is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.6.5 Ensure access to /etc/issue is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.2.14 Ensure snmp services are not in useCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.2 Ensure net.ipv6.conf.default.forwarding is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.3.2.8 Ensure net.ipv6.conf.default.accept_ra is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

5.1.1.1 Ensure cron daemon is enabled and activeCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.1.1.6 Ensure access to /etc/cron.monthly is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.7 Ensure access to /etc/cron.d is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.2.1 Ensure access to at is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.2 Ensure access to SSH private host key files is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

5.2.6 Ensure sshd Ciphers are configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.11 Ensure sshd IgnoreRhosts is enabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.2.13 Ensure sshd LoginGraceTime is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

5.2.20 Ensure sshd PermitRootLogin is disabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.2.21 Ensure sshd PermitUserEnvironment is disabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

5.3.2 Ensure sudo commands use ptyCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.5 Ensure re-authentication for privilege escalation is not disabled globallyCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.7 Ensure access to the su command is restrictedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.4.2.1.3 Ensure password unlock time is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

5.4.2.2.1 Ensure pam_pwquality module is enabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.2.2.4 Ensure password complexity is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.2.2.6 Ensure password dictionary check is enabledCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.2.3.2 Ensure password history remember is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.2.4.2 Ensure pam_unix does not include rememberCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.4.2.4.4 Ensure pam_unix includes use_authtokCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.5.2.1 Ensure root is the only UID 0 accountCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

6.1.1.4 Ensure journald Storage is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

6.1.1.7 Ensure journald log file access is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL

6.1.2.4 Ensure rsyslog logging is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit toolsCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

7.1.1 Ensure access to /etc/passwd is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.4 Ensure access to /etc/group- is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.6 Ensure access to /etc/shadow- is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.9 Ensure access to /etc/shells is configuredCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

7.1.11 Ensure world writable files and directories are securedCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.1.12 Ensure no files or directories without an owner and a group existCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

7.2.1 Ensure accounts in /etc/passwd use shadowed passwordsCIS Amazon Linux 2 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION