Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.2 Ensure mounting of jffs2 filesystems is disabled - lsmodCIS Debian 9 Server L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.2 Ensure mounting of jffs2 filesystems is disabled - modprobeCIS Debian 9 Workstation L1 v1.0.1Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of jffs2 filesystems is disabledCIS Debian 10 Workstation L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of jffs2 filesystems is disabledCIS Oracle Linux 6 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobeCIS Debian 8 Workstation L1 v2.0.2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobeCIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.3 Ensure mounting of jffs2 filesystems is disabled (modprobe)CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure jffs2 kernel module is not availableCIS SUSE Linux Enterprise 15 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure jffs2 kernel module is not availableCIS SUSE Linux Enterprise 15 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure jffs2 kernel module is not availableCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

1.1.1.5 Ensure jffs2 kernel module is not availableCIS Red Hat Enterprise Linux 9 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

1.5.2 Ensure bootloader password is set - 'passwd_pbkdf2'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

1.5.2 Ensure bootloader password is set - 'set superusers'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

CONFIGURATION MANAGEMENT

4.1.3.7 Ensure kernel module loading and unloading is collectedCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.8 Ensure changes to system administration scope (sudoers) is collectedCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.26 Ensure audit of the rmdir syscallCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.33 Ensure audit of semanage commandCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.3.35 Ensure audit of the chcon commandCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissiveCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, MEDIA PROTECTION

4.2.1.4 Ensure logging is configuredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

4.2.2 (L2) Ensure 'Default Sensors Setting' is set to 'Enabled: Do not allow any site to access sensors'CIS Google Chrome L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

4.5.1.6 Ensure the number of changed characters in a new password is configuredCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1Unix

IDENTIFICATION AND AUTHENTICATION

4.5.1.6 Ensure the number of changed characters in a new password is configuredCIS Debian 10 Server L1 v2.0.0Unix

IDENTIFICATION AND AUTHENTICATION

4.5.1.6 Ensure the number of changed characters in a new password is configuredCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION

4.5.1.6 Ensure the number of changed characters in a new password is configuredCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

IDENTIFICATION AND AUTHENTICATION

4.5.1.6 Ensure the number of changed characters in a new password is configuredCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 WorkstationUnix

IDENTIFICATION AND AUTHENTICATION

5.3.4 Ensure permissions on SSH private host key files are configuredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.5 Ensure permissions on SSH public host key files are configuredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.10 Ensure SSH IgnoreRhosts is enabledCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.26 Ensure RSA rhosts authentication is not allowedCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.34 Ensure SSH compressions setting is delayedCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.3.36 Ensure no ".shosts" files exist on the systemCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT

5.4.3 Ensure password hashing algorithm is SHA-512CIS Amazon Linux 2 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.4.5 Ensure system-auth is used when changing passwordsCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.4.12 Ensure accounts lock for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframeCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL

5.5 NFS - 'cifs.preserve_unix_security = on'TNS NetApp Data ONTAP 7GNetApp

CONFIGURATION MANAGEMENT

5.5 NFS - 'nfs.kerberos.principal has been configured'TNS NetApp Data ONTAP 7GNetApp

SYSTEM AND COMMUNICATIONS PROTECTION

5.5 NFS - 'wafl.nt_admin_priv_map_to_root = on'TNS NetApp Data ONTAP 7GNetApp

ACCESS CONTROL

5.5.1.2 Ensure minimum days between password changes is configuredCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.5.1.7 Ensure password expiration is 60 Day maximum for new usersCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

5.5.1.10 Ensure delay between logon prompts on failureCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.1.16 Ensure all world-writable directorys are owned by root, sys, bin, or an application User IdentifierCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, MEDIA PROTECTION

6.2.22 Ensure users' files and directories within the home directory permissions are 750 or more restrictiveCIS Amazon Linux 2 STIG v2.0.0 STIGUnix

ACCESS CONTROL, MEDIA PROTECTION

6.12 Set Default Screen Lock for GNOME Users - timeout = 10CIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.12 Set Default Screen Lock for GNOME Users - lockTimeout = 0CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

ARST-L2-000170 - The Arista MLS layer 2 switch must have all disabled switch ports assigned to an unused VLAN.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-ND-001140 - The Cisco router must be configured to encrypt SNMP messages using a FIPS 140-2 approved algorithm.DISA STIG Cisco IOS XE Router NDM v3r2Cisco

ACCESS CONTROL

SLES-12-010220 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords.DISA SLES 12 STIG v3r2Unix

IDENTIFICATION AND AUTHENTICATION

UBTU-16-010170 - The Ubuntu operating system must employ FIPS 140-2 approved cryptographic hashing algorithms for all created passwords.DISA STIG Ubuntu 16.04 LTS v2r3Unix

IDENTIFICATION AND AUTHENTICATION