Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5 Ensure noexec option set on /tmp partitionCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.1.3 Ensure remote login warning banner is configured properlyCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.1.1 Ensure time synchronization is in useCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

2.1.2 Ensure X Window System is not installedCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.3 Ensure NFS and RPC are not enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.13 Ensure 'SEC_RETURN_SERVER_RELEASE_BANNER' Is Set to 'FALSE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.14 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT nullCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

3.2.5 Ensure broadcast ICMP requests are ignoredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

4.1 Ensure All Default Passwords Are ChangedCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

IDENTIFICATION AND AUTHENTICATION

4.1.2.2 Ensure journald is configured to write logfiles to persistent diskCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any UserCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL

4.6 Ensure No Public Database Links ExistCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.1 Ensure permissions on /etc/ssh/sshd_config are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Encryption" PackagesCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.3 Ensure permissions on SSH public host key files are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.1.8 Ensure SSH IgnoreRhosts is enabledCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.11 Ensure 'ALTER SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.12 Ensure 'CREATE ANY LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.1.3 Ensure password expiration warning days is 7 or moreCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

5.3.3 Ensure default group for the root account is GID 0CIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.6 Ensure the 'PUBLIC DATABASE LINK' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.7 Ensure permissions on /etc/group- are configuredCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.10 Ensure the 'SELECT ANY DICTIONARY' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.12 Ensure the 'GRANT ANY PRIVILEGE' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.13 Ensure the 'DROP ANY PROCEDURE' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.17 Ensure the 'TRIGGER' Audit Option Is EnabledCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.18 Ensure no duplicate user names existCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.19 Ensure no duplicate group names existCIS Google Container-Optimized OS v1.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

18.4.7 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.2 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.3 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.7 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.9 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.10 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.102.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT