Item Search

NameAudit NamePluginCategory
1.1 Ensure the appropriate MongoDB software version/patches are installedCIS MongoDB 3.6 Database Audit L1 v1.1.0MongoDB

SYSTEM AND SERVICES ACQUISITION

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded clusterCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.3 Ensure authentication is enabled in the sharded clusterCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - authorizationCIS MongoDB 3.2 L2 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - modeCIS MongoDB 3.2 L2 Unix Audit v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Ensure that MongoDB only listens for network connections on authorized interfacesCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

3.6 Review Superuser/Admin Roles - dbAdminAnyDatabaseCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - dbOwnerCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - hostManagerCIS MongoDB 3.4 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - hostManagerCIS MongoDB 3.6 Database Audit L1 v1.1.0MongoDB

ACCESS CONTROL

3.6 Review Superuser/Admin Roles - userAdminCIS MongoDB 3.2 Database Audit L2 v1.0.0MongoDB

ACCESS CONTROL

4.1 Ensure TLS or SSL protects all network communicationsCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

4.2 Ensure Federal Information Processing Standard (FIPS) is enabledCIS MongoDB 3.6 L2 Windows Audit v1.1.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1 Ensure that system activity is auditedCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

AUDIT AND ACCOUNTABILITY

5.2 Ensure that audit filters are configured properlyCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

AUDIT AND ACCOUNTABILITY

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS CentOS Linux 7 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS Amazon Linux 2 v3.0.0 L2Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS AlmaLinux OS 8 Workstation L2 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS Red Hat EL8 Server L2 v3.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.1 Ensure the audit log directory is 0750 or more restrictiveCIS Rocky Linux 8 Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.4 Ensure the audit log directory is 0750 or more restrictiveCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.8 Ensure audit tools are 755 or more restrictiveCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.8 Ensure audit tools are 755 or more restrictiveCIS Debian 10 Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.9 Ensure audit tools are owned by rootCIS Amazon Linux 2023 Server L2 v1.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.9 Ensure audit tools are owned by rootCIS Debian 10 Server L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.10 Ensure audit tools belong to group rootCIS Debian 10 Server L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.2.4.10 Ensure audit tools belong to group rootCIS Debian 10 Workstation L2 v2.0.0Unix

ACCESS CONTROL, MEDIA PROTECTION

5.3 Ensure that logging captures as much information as possibleCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

AUDIT AND ACCOUNTABILITY

5.4 Ensure that new entries are appended to the end of the log fileCIS MongoDB 3.6 L1 Windows Audit v1.1.0Windows

AUDIT AND ACCOUNTABILITY

6.1 Mongodb Database Running with Least PrivilegesCIS MongoDB 3.4 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

6.2.4.4 Ensure the audit log file directory mode is configuredCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.4.8 Ensure audit tools mode is configuredCIS Debian Linux 12 v1.1.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3 Ensure that operating system resource limits are set for MongoDBCIS MongoDB 3.2 L2 Unix Audit v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.3 Ensure that server-side scripting is disabled if not neededCIS MongoDB 3.6 L2 Unix Audit v1.1.0Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

6.3.4.8 Ensure audit tools mode is configuredCIS AlmaLinux OS 9 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.8 Ensure audit tools mode is configuredCIS AlmaLinux OS 9 v2.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.9 Ensure audit tools owner is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.10 Ensure audit tools group owner is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.3.4.10 Ensure audit tools group owner is configuredCIS Ubuntu Linux 22.04 LTS v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

6.4 Ensure that server-side scripting is disabled if not neededCIS MongoDB 3.2 L2 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

6.4 Ensure that server-side scripting is disabled if not neededCIS MongoDB 3.4 L2 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

6.4.4.4 Ensure the audit log file directory mode is configuredCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

ACCESS CONTROL, MEDIA PROTECTION

7.2 Ensure that database file permissions are set correctlyCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

7.2 Ensure that database file permissions are set correctlyCIS MongoDB 3.6 L1 Unix Audit v1.1.0Unix

ACCESS CONTROL, MEDIA PROTECTION

UBTU-18-010305 - The Ubuntu operating system must be configured so that audit log files cannot be read or write-accessible by unauthorized users.DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

UBTU-18-010307 - The Ubuntu operating system must permit only authorized groups to own the audit log files.DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-901300 - Ubuntu 24.04 LTS must be configured so that audit log files are not read or write-accessible by unauthorized users.DISA Canonical Ubuntu 24.04 LTS STIG v1r1Unix

AUDIT AND ACCOUNTABILITY