1.2.16 Ensure that the --insecure-bind-address argument is not set - openshift-kube-apiserver | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
1.4.6 Do not Configure a Read Write SNMP Community String | CIS Cisco NX-OS L1 v1.0.0 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
1.8.4 Ensure XDCMP is not enabled | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.5 Ensure DHCP Server is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.6 Ensure LDAP server is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.7 Ensure NFS is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.9 Ensure FTP Server is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.9 Ensure FTP Server is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.10 Ensure HTTP server is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-imapd | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-imapd | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.11 Ensure IMAP and POP3 server are not installed - dovecot-pop3d | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.12 Ensure Samba is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.13 Ensure HTTP Proxy Server is not enabled - status | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.14 Ensure SNMP Server is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.14 Ensure SNMP Server is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.1.16 Ensure rsync service is not installed | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
2.2.3 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) - Administrators, Authenticated Users | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
2.2.6 Ensure RPC is not installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.3 Ensure nonessential services are removed or masked | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.5 Ensure SNMP is configured properly - 'community name private does not exist' | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts - ModLoad | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
5.2.6 Ensure SSH IgnoreRhosts is enabled | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
5.3.4 Ensure SSH Protocol is set to 2 | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
5.3.9 Ensure SSH IgnoreRhosts is enabled | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
5.4 Ensure SSH is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 6 L1 OS Linux v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 6 L2 OS Windows v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 6 L2 OS Linux v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
7.6 Ensure port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT) | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.2.1 Ensure unnecessary floppy devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.2.3 Ensure unnecessary parallel ports are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.2.5 Ensure unnecessary USB devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.2.7 Ensure unauthorized connection of devices is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.3.1 Ensure unnecessary or superfluous functions inside VMs are disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.4.3 Ensure VMsafe Agent Port is configured correctly | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
8.4.4 Ensure VMsafe Agent is configured correctly | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.3.4 Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)' - Enabled: P-node (recommended) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.5.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.5.3 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.5.4 Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.5.6 Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.5.12 Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.6.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v2.0.0 L2 + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |