Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	SYSTEM AND SERVICES ACQUISITION
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	SYSTEM AND SERVICES ACQUISITION
1.1.3 Ensure nodev option set on /tmp partition	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.9 Ensure nodev option set on /home partition	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
1.1.11 Ensure nosuid option set on /dev/shm partition	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
2.1.4 Ensure rsync service is not enabled	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
2.2.4 Ensure 'OS_ROLES' Is Set to 'FALSE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.7 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
2.2.15 Ensure '_trace_files_public' Is Set to 'FALSE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
2.2.16 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.2.6 Ensure bogus ICMP responses are ignored	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.3.3 Ensure iptables is installed	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.4 Ensure No Users Are Assigned the 'DEFAULT' Profile	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.5 Ensure 'SYS.USER$MIG' Has Been Dropped	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5 Ensure 'SYS.USER$MIG' Has Been Dropped	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" Packages	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Encryption" Packages	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Java" Packages	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.3.1 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'AUD$'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' Tables	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.4 Ensure SSH Protocol is set to 2	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
5.1.12 Ensure SSH PermitUserEnvironment is disabled	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.13 Ensure only strong Ciphers are used	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Unified Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.9 Ensure 'BECOME USER' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.3.1.5 Ensure all users last password change date is in the past	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.1 Ensure permissions on /etc/passwd are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.2 Ensure permissions on /etc/shadow are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.15 Ensure the 'PROCEDURE' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.1.18 Ensure the 'CREATE SESSION' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.16 Ensure no duplicate UIDs exist	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.17 Ensure no duplicate GIDs exist	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
Salesforce.com : Setting Session Security - 'Force logout on timeout = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'PermissionsPasswordNeverExpires = true'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com	ACCESS CONTROL
Salesforce.com : Setting Session Security - 'Review Force.com Flow Users'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com
Salesforce.com : Setting Session Security - 'Review Marketing Users'	TNS Salesforce Best Practices Audit v1.2.0	Salesforce.com

Detections

Analytics

Item Search