Item Search

NameAudit NamePluginCategory
3.5.3.2.3 Ensure iptables rules exist for all open ports - PPSM CLSA and vulnerability assessments.CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIGUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

5.1.1 Enable Compromised Host QuarantineCIS Fortigate 7.0.x Level 1 v1.2.0FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

APPL-11-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur.DISA STIG Apple macOS 11 v1r8Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

APPL-13-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur.DISA STIG Apple macOS 13 v1r3Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

AS24-W1-000670 - The Apache web server must restrict inbound connections from nonsecure zones.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

ACCESS CONTROL

CASA-FW-000030 - The Cisco ASA must be configured to restrict VPN traffic according to organization-defined filtering rules - VPN Group PolicyDISA STIG Cisco ASA FW v1r4Cisco

ACCESS CONTROL

CASA-FW-000030 - The Cisco ASA must be configured to restrict VPN traffic according to organization-defined filtering rules - VPN RulesDISA STIG Cisco ASA FW v1r4Cisco

ACCESS CONTROL

ESXI-06-000004 - Remote logging for ESXi hosts must be configured.DISA STIG VMware vSphere 6.x ESXi v1r5VMware

ACCESS CONTROL

GEN001000 - Remote consoles must be disabled or protected from unauthorized access.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN001000 - Remote consoles must be disabled or protected from unauthorized access.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN008540 - The system's local firewall must implement a deny-all, allow-by-exception policy.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

OH12-1X-000019 - OHS must have the LoadModule log_config_module directive enabled to generate information to be used by external applications or entities to monitor and control remote access.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

ACCESS CONTROL

OH12-1X-000022 - OHS must have the OraLogSeverity directive defined to generate adequate information to be used by external applications or entities to monitor and control remote access.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

ACCESS CONTROL

OH12-1X-000023 - OHS must have the log rotation parameter set to allow generated information to be used by external applications or entities to monitor and control remote access.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

ACCESS CONTROL

OH12-1X-000026 - OHS must have a log file defined for each site/virtual host to capture information to be used by external applications or entities to monitor and control remote access.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

ACCESS CONTROL

OH12-1X-000032 - OHS must have the Order, Allow, and Deny directives set within the Files directives set to restrict inbound connections from nonsecure zones.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

ACCESS CONTROL

OH12-1X-000033 - OHS must have the Order, Allow, and Deny directives set within the Location directives set to restrict inbound connections from nonsecure zones.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

ACCESS CONTROL

OL08-00-040090 - An OL 8 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems.DISA Oracle Linux 8 STIG v1r9Unix

ACCESS CONTROL

OL08-00-040100 - A firewall must be installed on OL 8.DISA Oracle Linux 8 STIG v1r9Unix

ACCESS CONTROL

PHTN-30-000006 - The Photon operating system must have the sshd SyslogFacility set to 'authpriv'.DISA STIG VMware vSphere 7.0 Photon OS v1r3Unix

ACCESS CONTROL

PHTN-67-000008 - The Photon operating system must have the sshd LogLevel set to 'INFO' - INFO.DISA STIG VMware vSphere 6.7 Photon OS v1r6Unix

ACCESS CONTROL

RHEL-06-000148 - The operating system must employ automated mechanisms to facilitate the monitoring and control of remote access methods - CHKCONFIG.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-06-000148 - The operating system must employ automated mechanisms to facilitate the monitoring and control of remote access methods - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

ACCESS CONTROL

RHEL-08-010070 - All RHEL 8 remote access methods must be monitored.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

ACCESS CONTROL

RHEL-08-040100 - A firewall must be installed on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

ACCESS CONTROL

RHEL-08-040101 - A firewall must be active on RHEL 8.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

ACCESS CONTROL

RHEL-09-255030 - RHEL 9 must log SSH connection attempts and failures to the server.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

ACCESS CONTROL

RHEL-09-652030 - All RHEL 9 remote access methods must be monitored.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

ACCESS CONTROL

SLES-12-030110 - The SUSE operating system must log SSH connection attempts and failures to the server.DISA SLES 12 STIG v2r13Unix

ACCESS CONTROL

UBTU-16-030030 - An application firewall must be installed.DISA STIG Ubuntu 16.04 LTS v2r3Unix

ACCESS CONTROL

UBTU-20-010403 - The Ubuntu operating system must monitor remote access methods.DISA STIG Ubuntu 20.04 LTS v1r12Unix

ACCESS CONTROL

UBTU-20-010433 - The Ubuntu operating system must have an application firewall installed in order to control remote access methods.DISA STIG Ubuntu 20.04 LTS v1r12Unix

ACCESS CONTROL

UBTU-20-010434 - The Ubuntu operating system must enable and run the uncomplicated firewall(ufw).DISA STIG Ubuntu 20.04 LTS v1r12Unix

ACCESS CONTROL

VCLD-67-000004 - VAMI must be configured to monitor remote access.DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

VCRP-67-000008 - The rhttproxy must exclusively use the HTTPS protocol for client connections - certificateDISA STIG VMware vSphere 6.7 RhttpProxy v1r3Unix

ACCESS CONTROL

WBLC-01-000011 - Oracle WebLogic must employ automated mechanisms to facilitate the monitoring and control of remote access methods.Oracle WebLogic Server 12c Linux v2r1Unix

ACCESS CONTROL

WBLC-01-000011 - Oracle WebLogic must employ automated mechanisms to facilitate the monitoring and control of remote access methods.Oracle WebLogic Server 12c Windows v2r1Windows

ACCESS CONTROL

WBLC-01-000013 - Oracle WebLogic must ensure remote sessions for accessing security functions and security-relevant information are audited.Oracle WebLogic Server 12c Linux v2r1 MiddlewareUnix

ACCESS CONTROL

WBSP-AS-000080 - WebSphere Application Server groups mapped to WebSphere auditor roles must be configured in accordance with security planDISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

ACCESS CONTROL

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

ACCESS CONTROL

WBSP-AS-000110 - The WebSphere Application Server audit service provider must be enabled.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

ACCESS CONTROL

WN11-UR-000090 - The 'Deny log on through Remote Desktop Services' user right on Windows 11 workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems - Deny log on through Remote Desktop Services user right on Windows 11 workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems.DISA Windows 11 STIG v1r5Windows

ACCESS CONTROL

WN12-CC-000132 - Users must be prevented from mapping local COM ports and redirecting data from the Remote Desktop Session Host to local COM ports. (Remote Desktop Services Role).DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

ACCESS CONTROL

WN12-CC-000134 - The system must be configured to ensure smart card devices can be redirected to the Remote Desktop session. (Remote Desktop Services Role).DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL

WN12-CC-000134 - The system must be configured to ensure smart card devices can be redirected to the Remote Desktop session. (Remote Desktop Services Role).DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

ACCESS CONTROL

WN12-CC-000135 - Users must be prevented from redirecting Plug and Play devices to the Remote Desktop Session Host. (Remote Desktop Services Role).DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL

WN22-DC-000410 - Windows Server 2022 Deny log on through Remote Desktop Services user right on domain controllers must be configured to prevent unauthenticated access.DISA Windows Server 2022 STIG v1r4Windows

ACCESS CONTROL

WN22-MS-000120 - Windows Server 2022 Deny log on through Remote Desktop Services user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and all local accounts and from unauthenticated access on all systems.DISA Windows Server 2022 STIG v1r4Windows

ACCESS CONTROL