Ensure access to the su command is restricted - pam_wheel.so | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure all groups in /etc/passwd exist in /etc/group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure audit log storage size is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure default group for the root account is GID 0 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure discretionary access control permission modification events are collected - auditctl b32 chmod fchmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure discretionary access control permission modification events are collected - auditctl b32 chown fchown | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure discretionary access control permission modification events are collected - auditctl b32 setxattr | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure discretionary access control permission modification events are collected - b32 chmod fchmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure discretionary access control permission modification events are collected - b32 chown fchown | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure discretionary access control permission modification events are collected - b64 setxattr | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify date and time information are collected - audit.rules b64 adjtimex | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify date and time information are collected - auditctl b64 adjtimex | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify date and time information are collected - auditctl b64 clock_settime | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify date and time information are collected - auditctl time-change | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify user/group information are collected - /etc/group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify user/group information are collected - auditctl /etc/group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure events that modify user/group information are collected - auditctl /etc/passwd | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure minimum days between password changes is 7 or more | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure mounting of FAT filesystems is disabled - lsmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure mounting of FAT filesystems is disabled - modprobe | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure no duplicate GIDs exist | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure no duplicate group names exist | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure no duplicate UIDs exist | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure no legacy '+' entries exist in /etc/group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure no legacy '+' entries exist in /etc/shadow | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure no ungrouped files or directories exist | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure password creation requirements are configured - pwquality.conf dcredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password creation requirements are configured - pwquality.conf lcredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password creation requirements are configured - pwquality.conf ucredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password expiration is 365 days or less | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password expiration warning days is 7 or more | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password fields are not empty | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password hashing algorithm is SHA-512 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure permissions on /etc/gshadow are configured - permissions | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure permissions on /etc/gshadow are configured - User and group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure permissions on /etc/gshadow- are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure permissions on /etc/passwd are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure permissions on /etc/passwd- are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure permissions on /etc/shadow- are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure root is the only UID 0 account | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure root login is restricted to system console | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure root PATH Integrity | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure separate partition exists for /var/log | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
Ensure session initiation information is collected - auditctl wtmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure session initiation information is collected - btmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure system accounts are non-login | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt' | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure users own their home directories | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure users' dot files are not group or world writable | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure users' home directories permissions are 750 or more restrictive | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |