Item Search

Name	Audit Name	Plugin	Category
1.1.5 Ensure noexec option set on /tmp partition	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
1.5.1.3 Ensure remote login warning banner is configured properly	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.1.1.1 Ensure time synchronization is in use	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
2.1.2 Ensure X Window System is not installed	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT
2.1.3 Ensure NFS and RPC are not enabled	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.13 Ensure 'SEC_RETURN_SERVER_RELEASE_BANNER' Is Set to 'FALSE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
2.2.14 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
2.3.10.4 (L2) Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
3.2.5 Ensure broadcast ICMP requests are ignored	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	IDENTIFICATION AND AUTHENTICATION
3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.1 Ensure All Default Passwords Are Changed	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	IDENTIFICATION AND AUTHENTICATION
4.1.2.2 Ensure journald is configured to write logfiles to persistent disk	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	AUDIT AND ACCOUNTABILITY
4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL
4.6 Ensure No Public Database Links Exist	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.1 Ensure permissions on /etc/ssh/sshd_config are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Encryption" Packages	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.3 Ensure permissions on SSH public host key files are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.1.3.2 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'DBA_%'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.1.8 Ensure SSH IgnoreRhosts is enabled	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.3 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'OUTLN'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.11 Ensure 'ALTER SYSTEM' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.12 Ensure 'CREATE ANY LIBRARY' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.3.1.3 Ensure password expiration warning days is 7 or more	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
5.3.3 Ensure default group for the root account is GID 0	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.6 Ensure the 'PUBLIC DATABASE LINK' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.1.7 Ensure permissions on /etc/group- are configured	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.1.10 Ensure the 'SELECT ANY DICTIONARY' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.1.12 Ensure the 'GRANT ANY PRIVILEGE' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.1.13 Ensure the 'DROP ANY PROCEDURE' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.1.17 Ensure the 'TRIGGER' Audit Option Is Enabled	CIS Oracle Server 19c DB Traditional Auditing v1.2.0	OracleDB	AUDIT AND ACCOUNTABILITY
6.2.18 Ensure no duplicate user names exist	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
6.2.19 Ensure no duplicate group names exist	CIS Google Container-Optimized OS v1.2.0 L1 Server	Unix	IDENTIFICATION AND AUTHENTICATION
18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.5 (L2) Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.8 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.37.2 (L2) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.3.1 (L2) Ensure 'Do not allow COM port redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	ACCESS CONTROL
18.9.103.1 (L2) Ensure 'Allow Remote Shell Access' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search