Item Search

NameAudit NamePluginCategory
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.14 Ensure that the default administrative credential file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

1.7.1 - Miscellaneous Enhancements - crontab access - 'cron.allow includes no other users'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

1.7.2 - Miscellaneous Enhancements - at access - 'at.allow includes no other users'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

1.7.3 - Miscellaneous Enhancements - '/etc/ftpusers includes root'CIS AIX 5.3/6.1 L1 v1.1.0Unix

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains adm'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains bin'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains daemon'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains guest'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains invscout'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lp'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains lpd'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains nuucp'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains sys'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.9 - Miscellaneous Config - /etc/ftpusers - '/etc/ftpusers contains uucp'CIS AIX 5.3/6.1 L2 v1.1.0Unix

ACCESS CONTROL

2.12.13 - Miscellaneous Config - authorized users in at.allow - 'at.allow contains no other entries besides sys and adm'CIS AIX 5.3/6.1 L1 v1.1.0Unix

ACCESS CONTROL

2.12.14 - Miscellaneous Config - authorized users in cron.allow - 'cron.allow contains no other entries besides sys and adm'CIS AIX 5.3/6.1 L1 v1.1.0Unix

ACCESS CONTROL

3.3 Ensure that docker.socket file ownership is set to root:rootCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

3.7 Ensure that registry certificate file ownership is set to root:rootCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

3.11 Ensure that Docker server certificate file ownership is set to root:rootCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

3.13 Ensure that the Docker server certificate key file ownership is set to root:rootCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

3.22 Ensure that the /etc/sysconfig/docker file ownership is set to root:rootCIS Docker v1.7.0 L2 Docker - LinuxUnix

ACCESS CONTROL

3.23 Ensure that the Containerd socket file ownership is set to root:rootCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 13 OS v1.2.0Unix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL

4.1 Ensure Interactive Login is DisabledCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

ACCESS CONTROL

4.1.2 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:rootCIS Kubernetes v1.10.0 L1 WorkerUnix

ACCESS CONTROL

4.1.6 Avoid use of system:masters groupCIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L1GCP

ACCESS CONTROL

4.1.6 Avoid use of system:masters groupCIS Google Kubernetes Engine (GKE) v1.7.0 L1GCP

ACCESS CONTROL

4.8 Ensure setuid and setgid permissions are removedCIS Docker v1.7.0 L2 Docker - LinuxUnix

ACCESS CONTROL

5.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes clusterCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL

5.2.7 Minimize the admission of root containersCIS Kubernetes v1.10.0 L2 MasterUnix

ACCESS CONTROL

5.5 Ensure that privileged containers are not usedCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

5.23 Ensure that docker exec commands are not used with the privileged optionCIS Docker v1.7.0 L2 Docker - LinuxUnix

ACCESS CONTROL

5.24 Ensure that docker exec commands are not used with the user=root optionCIS Docker v1.7.0 L2 Docker - LinuxUnix

ACCESS CONTROL

5.32 Ensure that the Docker socket is not mounted inside any containersCIS Docker v1.7.0 L1 Docker - LinuxUnix

ACCESS CONTROL

6.1.1 Ensure sudo is installedCIS IBM AIX 7 v1.0.0 L2Unix

ACCESS CONTROL

6.5 Restrict FTP Use - Audit the list of users in /etc/ftpd/ftpusers.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.9 Restrict FTP UseCIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.9 Restrict FTP UseCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

6.9 Restrict FTP Use - /etc/ftpd/ftpusersCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

7.4 Create /etc/ftpusersCIS Solaris 9 v1.3Unix

ACCESS CONTROL

Access Security - SSH - Deny Root loginsJuniper Hardening JunOS 12 Devices ChecklistJuniper

ACCESS CONTROL