2.1 Ensure 'global authorization rule' is set to restrict access | CIS IIS 8.0 v1.5.1 Level 1 | Windows | ACCESS CONTROL |
2.7 Prevent unintended use of dvfilter network APIs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
2.17.2 Ensure 'Never Allow Users to Specify Groups When Restricting Permission for Documents' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | ACCESS CONTROL |
3.1.10 Authenticate federated users at the instance level | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
3.1.10 Authenticate federated users at the instance level | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | ACCESS CONTROL |
3.1.11 Authenticate federated users at the instance level | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | ACCESS CONTROL |
3.1.11 Authenticate federated users at the instance level - 'fed_noauth = no' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
4.42 listener.ora - 'dynamic_registration_listener_name = OFF' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
6.1.3 Disable guest account login | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
6.4 Ensure VMDK files are zeroed out prior to deletion | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | ACCESS CONTROL |
7.1.1 Disable VDS network healthcheck if not used | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'bin' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'daemon' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'lp' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block system accounts, Ensure account 'nobody' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for 'bin' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for 'lp' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for 'noaccess' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.1 Block System Accounts, should pass if the default shell for 'smmsp' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
8.4.1 Control access to VMs through the dvfilter network APIs | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
8.4.1 Control access to VMs through the dvfilter network APIs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
ESXi : verify-dvfilter-bind | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |
IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE or *USE or *EXCLUDE' | IBM iSeries Security Reference v5r4 | AS/400 | ACCESS CONTROL |
IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | ACCESS CONTROL |
IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE' | IBM System i Security Reference for V7R3 | AS/400 | ACCESS CONTROL |
IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE' | IBM System i Security Reference for V7R2 | AS/400 | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2022 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL |
Network access: Allow anonymous SID/Name translation | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
VM : verify-network-filter | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |