Item Search

NameAudit NamePluginCategory
1.2 Disable Unused ConnectorsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.1 Configure NTP time synchronizationCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

AUDIT AND ACCOUNTABILITY

2.2 Alter the Advertised server.number StringCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.3 Alter the Advertised server.built DateCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.3 Disable Managed Object Browser (MOB)CIS VMware ESXi 5.5 v1.2.0 Level 1VMware
2.3.17.1 (L1) Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.1 (L1) Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.4.4 Set 'ip tftp source-interface' to the Loopback InterfaceCIS Cisco IOS XE 16.x v2.1.0 L2Cisco

SYSTEM AND INFORMATION INTEGRITY

3.1 Configure a centralized location to collect ESXi host core dumpsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
4.1 Restrict access to $CATALINA_HOMECIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.6 Restrict access to Tomcat binaries directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.8 Restrict access to Tomcat catalina.propertiesCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.9 Restrict access to Tomcat catalina.policyCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

4.15 Restrict access to jaspic-providers.xmlCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL, MEDIA PROTECTION

5.1 Disable DCUI to prevent local administrative controlCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

5.4 Limit CIM AccessCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
5.5 Enable lockdown mode to restrict remote accessCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
7.1 Ensure that the vSwitch Forged Transmits policy is set to rejectCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Ensure that the vSwitch MAC Address Change policy is set to rejectCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in defaultCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

7.6 Ensure directory in logging.properties is a secure location - check application log directory is secureCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

7.6 Ensure that port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT)CIS VMware ESXi 5.5 v1.2.0 Level 1VMware

CONFIGURATION MANAGEMENT

8.1.2 Limit sharing of console connectionsCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

ACCESS CONTROL

8.2.4 Disconnect unauthorized devices - Serial DevicesCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.3.1 Disable unnecessary or superfluous functions inside VMsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware
8.4.1 Control access to VMs through the dvfilter network APIsCIS VMware ESXi 5.5 v1.2.0 Level 1VMware

ACCESS CONTROL

8.4.12 Disable Drag and Drop Version GetCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.15 Disable Request Disk TopologyCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.19 Disable Unity InterlockCIS VMware ESXi 5.5 v1.2.0 Level 2VMware

CONFIGURATION MANAGEMENT

8.4.29 Disable all but VGA mode on virtual machines.CIS VMware ESXi 5.5 v1.2.0 Level 2VMware

SYSTEM AND COMMUNICATIONS PROTECTION

10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

10.2 Restrict access to the web administration applicationCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

10.14 Do not allow cross context requestsCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

10.17 Setting Security Lifecycle Listener - check for config componentCIS Apache Tomcat 9 L1 v1.2.0 MiddlewareUnix

ACCESS CONTROL

18.9.31.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.9.2.13 (L1) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

18.10.9.2.14 (L1) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

18.10.10.2.10 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.10.2.10 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 11 Stand-alone v4.0.0 BLWindows

ACCESS CONTROL

18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.10.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

ACCESS CONTROL

18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.36.1 (L1) Ensure 'Turn off location' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

49.32 (L1) Ensure 'User Account Control: Use Admin Approval Mode' is set to 'Enabled'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

49.32 (L1) Ensure 'User Account Control: Use Admin Approval Mode' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

IDENTIFICATION AND AUTHENTICATION

O121-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of uppercase characters used.DISA STIG Oracle 12c v3r2 DatabaseOracleDB

IDENTIFICATION AND AUTHENTICATION

O121-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lowercase characters used.DISA STIG Oracle 12c v3r2 DatabaseOracleDB

IDENTIFICATION AND AUTHENTICATION