Item Search

NameAudit NamePluginCategory
1.1.1.1.3 Ensure passcode is set to have at least 1 numberCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.4.7.2.1.1 Ensure 'Excel 2 Macrosheets and Add-in Files' is set to Enabled(Open/Save blocked, use open policy)CIS Microsoft Office Excel 2013 v1.0.1Windows

SYSTEM AND INFORMATION INTEGRITY

1.7.6 Ensure GDM automatic mounting of removable media is disabledCIS Debian Linux 12 v1.1.0 L1 ServerUnix

MEDIA PROTECTION

2.1 Protection Policy for the CPS Control EngineTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4 (L2) Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications'CIS Google Chrome L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

2.2.6 - AirWatch - Set Maximum Auto-lockAirWatch - CIS Apple iOS 8 v1.0.0 L1MDM

ACCESS CONTROL

2.2.6 - MobileIron - Set Maximum Auto-lockMobileIron - CIS Apple iOS 8 v1.0.0 L1MDM

ACCESS CONTROL

2.2.6 - MobileIron - Set Maximum Auto-lockMobileIron - CIS Apple iOS 9 v1.0.0 L1MDM

ACCESS CONTROL

2.4 Ensure 'forms authentication' is set to use cookiesCIS IIS 8.0 v1.5.1 Level 2Windows

CONFIGURATION MANAGEMENT

3.8 Ensure the Lock File Is Secured - 'LockFile directory'CIS Apache HTTP Server 2.2 L1 v3.6.0Unix

ACCESS CONTROL

3.8 Ensure the Lock File Is Secured - 'LockFile directory'CIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

3.8 Ensure the Lock File Is Secured - 'LockFile directory'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

3.8 Ensure the Lock File Is Secured - 'LockFile permissions'CIS Apache HTTP Server 2.2 L2 v3.6.0Unix

ACCESS CONTROL

3.8 Ensure the Lock File Is Secured - 'LockFile permissions'CIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

ACCESS CONTROL

4.4 Ensure non-ASCII characters in URLs are not allowedCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND INFORMATION INTEGRITY

5.2.3.5 Ensure events that modify the system's network environment are collectedCIS Amazon Linux 2 v3.0.0 L2Unix

AUDIT AND ACCOUNTABILITY

5.2.3.20 Ensure the audit configuration is immutableCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

5.2.4.4 Ensure only authorized groups are assigned ownership of audit log filesCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.5 Ensure audit configuration files are 640 or more restrictiveCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

6.1.14 Audit system file permissionsCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

8.4.9 Ensure Drag and Drop Version Get is disabledCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.12 Ensure Request Disk Topology is disabledCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.19 Ensure Guest Host Interaction Launch Menu is disabledCIS VMware ESXi 6.7 v1.3.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.21 Ensure Host Guest File System Server is disabledCIS VMware ESXi 6.5 v1.0.0 Level 2VMware

SYSTEM AND INFORMATION INTEGRITY

18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

AUDIT AND ACCOUNTABILITY

18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

MEDIA PROTECTION

18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systemsCIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Configure System to Audit All Administrative Action EventsNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Administrative Action EventsNIST macOS Big Sur v1.4.0 - 800-53r4 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Administrative Action EventsNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Administrative Action EventsNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Big Sur - Configure System to Audit All Administrative Action EventsNIST macOS Big Sur v1.4.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Catalina - Configure System to Audit All Administrative Action EventsNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Catalina - Configure System to Audit All Administrative Action EventsNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

CD12-00-012300 - PostgreSQL must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG Crunchy Data PostgreSQL OS v3r1Unix

IDENTIFICATION AND AUTHENTICATION

DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed.DISA STIG Office 2010 Outlook v1r14Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO243 - The prompt to display level 1 attachments must be disallowed when closing an item.DISA STIG Microsoft Outlook 2013 v1r14Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-67-100010 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 approved ciphers.DISA STIG VMware vSphere 6.7 ESXi OS v1r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

GEN000242 - The system must use at least two time sources for clock synchronization - 'at least 2 servers are configured'DISA STIG AIX 5.3 v1r2Unix

AUDIT AND ACCOUNTABILITY

GEN002825-2 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - 'delete_module'DISA STIG for Red Hat Enterprise Linux 5 v1r18 AuditUnix

AUDIT AND ACCOUNTABILITY

MADB-10-003700 - If MariaDB authentication, using passwords, is employed, then MariaDB must enforce the DOD standards for password complexity.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Configure System to Audit All Administrative Action EventsNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Administrative Action EventsNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE

Monterey - Configure System to Audit All Administrative Action EventsNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE