1.1.2 Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged Users | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
1.1.22 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
1.1.22 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
1.5 Ensure MFA is enabled for the 'root' user account | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | IDENTIFICATION AND AUTHENTICATION |
1.5.9 Set 'priv' for each 'snmp-server group' using SNMPv3 | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
1.6 Ensure hardware MFA is enabled for the 'root' user account | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | IDENTIFICATION AND AUTHENTICATION |
1.10 Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | IDENTIFICATION AND AUTHENTICATION |
2.1.1 Ensure 'SECURE_CONTROL_' Is Set In 'listener.ora' | CIS Oracle Server 12c Linux v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.1.1.1.1 Set the 'hostname' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.1.2 Set the 'ip domain-name' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.1.1.4 Set 'seconds' for 'ip ssh timeout' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.6 Ensure rsh server is not enabled - rexec | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rexec | CIS Red Hat 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rexec | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rlogin | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rlogin | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rlogin | CIS Red Hat 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rsh | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure rsh server is not enabled - rsh | CIS Red Hat 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY |
2.1.14 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.4 Ensure telnet client is not installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
2.3.4 Ensure telnet client is not installed | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.4 Ensure telnet client is not installed | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
2.3.4 Ensure telnet client is not installed | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
2.3.4 Ensure telnet client is not installed | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
4.2 Ensure valid public keys are installed | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 10 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
18.9.15.2 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.15.2 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.16.1 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.2 Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.3 Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.59.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |