Ensure /etc/hosts.allow is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure at/cron is restricted to authorized users - cron.deny | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure Avahi Server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure chrony is configured - NTP server | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure CUPS Server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure DCCP is disabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure default deny firewall policy - Chain FORWARD | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure default deny firewall policy - Chain OUTPUT | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure DHCP Server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure FTP Server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure HTTP server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure IP forwarding is disabled - /etc/sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure IP forwarding is disabled - sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure IPv6 redirects are not accepted - sysctl ipv6 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure loopback traffic is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure mail transfer agent is configured for local-only mode - main.cf | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure mail transfer agent is configured for local-only mode - netstat listening | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure mounting of hfsplus filesystems is disabled - lsmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure mounting of hfsplus filesystems is disabled - modprobe | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure mounting of udf filesystems is disabled - lsmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure mounting of udf filesystems is disabled - modprobe | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure NFS and RPC are not enabled - NFS | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure NFS and RPC are not enabled - RPC | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure nodev option set on /tmp partition | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure nodev option set on /var/tmp partition | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure noexec option set on /tmp partition | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure ntp is configured - OPTIONS or ExecStart -u ntp:ntp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure ntp is configured - restrict -6 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure ntp is configured - server | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure only approved MAC algorithms are used | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure password creation requirements are configured - /etc/pam.d/* dcredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password creation requirements are configured - /etc/pam.d/* ocredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password creation requirements are configured - /etc/pam.d/* retry=3 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password creation requirements are configured - pwquality.conf dcredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure password creation requirements are configured - pwquality.conf minlen | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
Ensure permissions on /etc/hosts.deny are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure permissions on /etc/ssh/sshd_config are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure rsync service is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure source routed packets are not accepted - sysctl ipv4 all acccept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure source routed packets are not accepted - sysctl ipv4 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure SSH HostbasedAuthentication is disabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
Ensure SSH IgnoreRhosts is enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
Ensure SSH LogLevel is set to INFO | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
Ensure SSH MaxAuthTries is set to 4 or less | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure SSH PermitUserEnvironment is disabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure SSH warning banner is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
Ensure SSH X11 forwarding is disabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
Ensure time synchronization is in use | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |