Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.10 Ensure separate partition exists for /varCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.1.22 Ensure nosuid option set on removable media partitionsCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.1.26 Ensure all world-writable directories are group-owned.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.3.4 Ensure AIDE is configured to verify XATTRS - configCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.4.1 Ensure bootloader password is set - superusers efiCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

1.5.9 Ensure NIST FIPS-validated cryptography is configured - grubCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

1.6.1.5 Ensure the SELinux mode is enforcingCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

1.8.16 Ensure automatic logon via GUI is not allowedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.8.17 Ensure unrestricted logon is not allowedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

1.8.18 Ensure graphical user interface automounter is disabled - automountCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.8.18 Ensure graphical user interface automounter is disabled - automount-open=falseCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=trueCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

2.2.23 Ensure default SNMP community strings don't existCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

2.2.25 Ensure unrestricted mail relaying is preventedCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

2.2.27 Ensure ldap_id_use_start_tls is set for LDAP - LDAP authentication communications.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

2.2.28 Ensure ldap_tls_reqcert is set for LDAP - LDAP communications.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

3.3.1 Ensure source routed packets are not accepted - config default ipv4CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.6 Ensure broadcast ICMP requests are ignored - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.3.8 Ensure Reverse Path Filtering is enabled - sysctlCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

3.5.1.4 Ensure firewalld service enabled and running - statusCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

4.1.1.2 Ensure auditd service is enabled and runningCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.4 Ensure system notification is sent out when volume is 75% full - SA and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.5 Ensure system is disabled when audit logs are full - at a minimum via email when the threshold for the repository maximum audit record storage capacity is reached.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.2.10 Ensure the auditing processing failures are handled - System Administrator [SA] and Information System Security Officer [ISSO] at a minimum in the event of an audit processing failure.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.7 Ensure kernel module loading and unloading is collected - delete_module 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - creat EACCES 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - open EPERM 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.11 Ensure unsuccessful unauthorized file access attempts are collected - truncate EPERM 64 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.12 Ensure discretionary access control permission modification events are collected - fchmod 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - fchownat 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.12 Ensure discretionary access control permission modification events are collected - lremovexattr 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.13 Ensure login and logout events are collected - lastlogCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.22 Ensure audit of postqueue command.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.24 Ensure audit of crontab commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.32 Ensure auditing of all privileged functions - setgid 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

4.1.3.32 Ensure auditing of all privileged functions - setuid 32 bitCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL

4.1.3.34 Ensure audit of the setsebool command.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.37 Ensure audit of the mount command and syscallCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.1.3.38 Ensure audit of the su commandCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

4.5.1.1 Ensure strong password hashing algorithm is configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.1.2.4 Ensure journald is configured to write logfiles to persistent diskCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveCountMaxCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

6.1.2 Ensure permissions on /etc/passwd- are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.3 Ensure permissions on /etc/group are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.5 Ensure permissions on /etc/shadow are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.7 Ensure permissions on /etc/gshadow are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.8 Ensure permissions on /etc/gshadow- are configuredCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.5 Ensure no duplicate GIDs existCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.6 Ensure no duplicate user names existCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

6.2.7 Ensure no duplicate group names existCIS Red Hat Enterprise Linux 7 v4.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION