1.1.3 Ensure nodev option set on /tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
1.1.4 Ensure nosuid option set on /tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
1.1.8 Ensure nodev option set on /var/tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
1.1.9 Ensure nosuid option set on /var/tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
1.1.15 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
2.3.4.2 Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.3.10.2 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.3.10.5 Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.3.10.10 Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.3.11.1 Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core dump logging = enabled | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core dump logging = enabled | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core dumps = enabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core dumps = enabled | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file content | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file content | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file pattern | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file pattern | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global core file pattern | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global setid core dumps = enabled | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - global setid core dumps = enabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - init core file content | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process core dumps = disabled | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process core dumps = disabled | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process setid core dumps = disabled | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process setid core dumps = disabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
3.1 Restrict Core Dumps to Protected Directory - per-process setid core dumps = disabled | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_GLOB_ENABLED is set to yes | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_GLOB_LOG_ENABLED is set to yes | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_GLOB_PATTERN is set to /var/cores/core_%n_%f_%u_%g_%t_%p | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_INIT_PATTERN is set to core | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_PROC_ENABLED is set to no | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_PROC_SETID_ENABLED is set to no | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
4.1 Disable core dumps | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
4.3 Block users from viewing unowned processes | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
5.2 Restrict Set-UID on User Mounted Devices - Check if nosuid option is set in /etc/rmmount.conf. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
6.9 Restrict at/cron To Authorized Users - should pass if 'root' exists in /etc/cron.d/cron.allow. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
6.13 Restrict at/cron to Authorized Users - /etc/cron.d/at.allow | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.allow | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
7.4 Restrict at/cron to authorized users (/var/at/at.allow) | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
9.8 Set 'Disable the Security page' to 'Enabled' | CIS IE 9 v1.0.0 | Windows | ACCESS CONTROL |
Configure Windows Defender SmartScreen - ShellSmartScreenLevel | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
Join Microsoft MAPS | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
Join Microsoft MAPS | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Join Microsoft MAPS | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
Join Microsoft MAPS - SpynetReporting | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
Turn on PowerShell Script Block Logging - EnableScriptBlockInvocationLogging | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
Turn on PowerShell Script Block Logging - EnableScriptBlockInvocationLogging | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
Turn on PowerShell Script Block Logging - EnableScriptBlockInvocationLogging | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |