Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Ensure Minimum Password Length is set to 14 or higherCIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

1.2 Ensure Disallow Palindromes is selectedCIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

1.7 Ensure Lockout users after password expiration is set to 1CIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

1.8 Ensure Deny access to unused accounts is selectedCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

1.9 Ensure Days of non-use before lock-out is set to 30CIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

1.12 Ensure Maximum number of failed attempts allowed is set to 5 or fewerCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

1.13 Ensure Allow access again after time is set to 300 or more secondsCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

2.1.1 Ensure 'Login Banner' is set - message banner msgvalueCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

2.1.1 Ensure 'Login Banner' is set - message banner onCIS Check Point Firewall L1 v1.1.0CheckPoint

ACCESS CONTROL

2.1.3 Ensure Core Dump is enabledCIS Check Point Firewall L1 v1.1.0CheckPoint

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.5 Ensure unused interfaces are disabledCIS Check Point Firewall L1 v1.1.0CheckPoint

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.6 Ensure DNS server is configured - tertiaryCIS Check Point Firewall L1 v1.1.0CheckPoint

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.7 Ensure IPv6 is disabled if not usedCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.1.10 Ensure DHCP is disabledCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.2.1 Ensure SNMP agent is disabledCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.2.2 Ensure SNMP version is set to v3-OnlyCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.2.3 Ensure SNMP traps is enabled - coldStartCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.3 Ensure SNMP traps is enabled - configurationChangeCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.3 Ensure SNMP traps is enabled - configurationSaveCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.3 Ensure SNMP traps is enabled - linkUpLinkDownCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.3 Ensure SNMP traps is enabled - lowDiskSpaceCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.2.4 Ensure SNMP traps receivers is setCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.3.1 Ensure NTP is enabled and IP address is set for Primary and Secondary NTP server - ntp activeCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.3.1 Ensure NTP is enabled and IP address is set for Primary and Secondary NTP server - ntp server secondaryCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.3.2 Ensure timezone is properly configuredCIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.5.3 Ensure Client Authentication is secured.CIS Check Point Firewall L1 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

2.5.4 Ensure Radius or TACACS+ server is configured - tacacs-servers state onCIS Check Point Firewall L1 v1.1.0CheckPoint

IDENTIFICATION AND AUTHENTICATION

2.6.1 Ensure mgmtauditlogs is set to onCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

2.6.2 Ensure auditlog is set to permanentCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

3.2 Configure a Default Drop/Cleanup RuleCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.1.13 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled'MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

3.5 Ensure no Allow Rule with Any in Destination filed present in the Firewall RulesCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

3.7 Ensure no Allow Rule with Any in Services filed present in the Firewall RulesCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

3.10 Ensure Drop Out of State TCP Packets is enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

SECURITY ASSESSMENT AND AUTHORIZATION

3.11 Ensure Drop Out of State ICMP Packets is enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

SECURITY ASSESSMENT AND AUTHORIZATION

3.13 Ensure Disk Space Alert is setCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

3.14 Ensure Accept RIP is not enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

3.15 Ensure Accept Domain Name over TCP (Zone Transfer) is not enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

3.19 Ensure Automatic ARP Configuration NAT is enabledCIS Check Point Firewall L2 v1.1.0CheckPoint

CONFIGURATION MANAGEMENT

3.20 Ensure Logging is enabled for Track Options of Global PropertiesCIS Check Point Firewall L1 v1.1.0CheckPoint

AUDIT AND ACCOUNTABILITY

12.1 Ensure the AppArmor Framework Is EnabledCIS Apache HTTP Server 2.4 v2.2.0 L2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 11 Enterprise v4.0.0 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.3 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.7.1.7 (L1) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked)CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

MEDIA PROTECTION