Item Search

NameAudit NamePluginCategory
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountCIS Microsoft SharePoint 2016 OS v1.1.0Windows
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountCIS Microsoft SharePoint 2019 OS v1.0.0Windows
1.1.2.1 Set 'Audit Policy: Privilege Use: Sensitive Privilege Use' to 'Success and Failure'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.3.17.7 Set 'User Account Control: Switch to the secure desktop when prompting for elevation' to 'Enabled'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.12 Ensure that the admission control policy is set to SecurityContextDenyCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

ACCESS CONTROL

1.1.14 Ensure that the admission control policy is set to SecurityContextDenyCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

ACCESS CONTROL

1.2.3.4.1 Set 'Configure Solicited Remote Assistance' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows
1.2.4.11 Set 'Always install with elevated privileges' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows
1.4.1 Ensure that the API server pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.2 Ensure that the API server pod specification file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.2 Ensure that the apiserver file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.3 Ensure that the controller manager pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.4 Ensure that the config file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.4 Ensure that the controller manager pod specification file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.6 Ensure that the scheduler file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.6 Ensure that the scheduler pod specification file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.7 Ensure that the etcd pod specification file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.8 Ensure that the etcd pod specification file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.9 Ensure that the Container Network Interface file permissions are set to 644 or more restrictiveCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.9 Ensure that the flanneld file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.10 Ensure that the flanneld file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

1.4.18 Ensure that the controller-manager.conf file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

1.7.6 Do not admit root containersCIS Kubernetes 1.13 Benchmark v1.4.1 L2Unix

CONFIGURATION MANAGEMENT

2.1.1 Ensure that the --allow-privileged argument is set to falseCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

ACCESS CONTROL

2.2.2 Ensure that the config file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.2 Ensure that the kubelet.conf file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.3 Ensure that the kubelet file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.4 Ensure that the kubelet service file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.5 Ensure that the proxy file permissions are set to 644 or more restrictiveCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.6 Ensure that the proxy file ownership is set to root:rootCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.6 Ensure that the proxy kubeconfig file ownership is set to root:rootCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.10 Ensure that the kubelet configuration file has permissions set to 644 or more restrictiveCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix
2.2.10 Ensure that the kubelet configuration file has permissions set to 644 or more restrictiveCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix
2.3 Ensure the SharePoint setup account is configured with the minimum privileges in Active Directory.CIS Microsoft SharePoint 2016 OS v1.1.0Windows

ACCESS CONTROL

2.3 Ensure the SharePoint setup account is configured with the minimum privileges in Active Directory.CIS Microsoft SharePoint 2019 OS v1.0.0Windows

ACCESS CONTROL

3.3 Ensure that MongoDB is run using a non-privileged, dedicated service accountCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows
3.3 Ensure that MongoDB is run using a non-privileged, dedicated service accountCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows
3.3 Ensure that MongoDB is run using a non-privileged, dedicated service accountCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

3.5 Ensure that /etc/docker directory ownership is set to root:rootCIS Docker Community Edition v1.1.0 L1 DockerUnix
3.17 Ensure that daemon.json file ownership is set to root:rootCIS Docker Community Edition v1.1.0 L1 DockerUnix

CONFIGURATION MANAGEMENT

4.8 Ensure setuid and setgid permissions are removed in the imagesCIS Docker Community Edition v1.1.0 L2 DockerUnix
5.2 Ensure that remote sessions for accessing security functions and security-relevant information are auditedCIS Microsoft SharePoint 2016 OS v1.1.0Windows
5.2 Ensure that remote sessions for accessing security functions and security-relevant information are auditedCIS Microsoft SharePoint 2019 OS v1.0.0Windows
5.2.6 Minimize the admission of root containersCIS Kubernetes Benchmark v1.6.1 L2 MasterUnix

CONFIGURATION MANAGEMENT

5.2.9 Minimize the admission of containers with capabilities assignedCIS Kubernetes Benchmark v1.6.1 L2 MasterUnix

CONFIGURATION MANAGEMENT

5.22 Ensure docker exec commands are not used with privileged optionCIS Docker Community Edition v1.1.0 L2 DockerUnix
6.1 Mongodb Database Running with Least PrivilegesCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows
6.1 Mongodb Database Running with Least PrivilegesCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows
17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Windows 7 Workstation Level 1 v3.2.0Windows

AUDIT AND ACCOUNTABILITY

18.5.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL