1.3.5 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes Benchmark v1.9.0 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.3.7 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes Benchmark v1.9.0 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.4.2 Ensure that the --bind-address argument is set to 127.0.0.1 | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.5 Set the ACL for each 'snmp-server community' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.6 Create an 'access-list' for use with SNMP - 'SNMP deny secured by ACL' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.7 Set 'snmp-server host' when using SNMP | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.8 Set 'snmp-server enable traps snmp' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.1.4 Set 'seconds' for 'ip ssh timeout' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.1.5 Set maximimum value for 'ip ssh authentication-retries' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.2 Set version 2 for 'ip ssh version' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.2 Set 'no cdp run' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.3 Set 'no ip bootp server' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.4 Set 'no service dhcp' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.4 Set 'no service dhcp' - dhcp pool | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.8 Set 'no service pad' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.18 Ensure 'Require online OCSP/CRL checks for local trust anchors' is set to 'Enabled' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.3.10 Ensure certificate status checking for PKI authentication. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.5 Set 'Prevent ignoring certificate errors' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
5.5 Set 'Prevent ignoring certificate errors' to 'Enabled' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
5.7 Ensure HTTP Request Methods Are Restricted | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.7 Ensure HTTP Request Methods Are Restricted - allow | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.7 Ensure HTTP Request Methods Are Restricted - deny | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteEngine = on' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteOptions = inherit' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf RewriteCond = %{THE_REQUEST} !HTTP/1.1$' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteEngine on' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteRule configuration' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - rewrite_module | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - RewriteCond | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - RewriteEngine | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - RewriteRule | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - VirtualHost RewriteEngine | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
5.9 Ensure Old HTTP Protocol Versions Are Disallowed - VirtualHost RewriteOptions | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
10.10 Configure maxHttpHeaderSize | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
10.10 Configure maxHttpHeaderSize | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
39 - Increase the entropy in session identifiers | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Prevent ignoring certificate errors | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |