Item Search

NameAudit NamePluginCategory
1.1 Ensure a separate user and group exist for Cassandra - groupCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - groupCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - passwdCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - passwdCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.1 Ensure a separate user and group exist for Cassandra - user exists in groupCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.2.15 Ensure that the admission control plugin NamespaceLifecycle is setCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

1.2.17 Ensure that the admission control plugin NodeRestriction is setCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.3.1 Ensure sudo is installedCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriateCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Fedora 19 Family Linux Workstation L1 v1.0.0Unix

ACCESS CONTROL

1.3.2 Ensure sudo commands use ptyCIS Fedora 19 Family Linux Server L1 v1.0.0Unix

ACCESS CONTROL

1.3.3 Ensure that the --use-service-account-credentials argument is set to trueCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

1.3.4 Ensure that the --service-account-private-key-file argument is set as appropriateCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

1.4.1 Ensure that the --profiling argument is set to falseCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

1.5 Ensure the Cassandra service is run as a non-root userCIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.5 Ensure the Cassandra service is run as a non-root userCIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0Unix

ACCESS CONTROL

1.13 Ensure there is only one active access key available for any single IAM userCIS Amazon Web Services Foundations L1 1.5.0amazon_aws

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - process -u namedCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.1 Run BIND as a non-root User - UIDCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

2.6 Ensure that the --peer-auto-tls argument is not set to trueCIS Kubernetes Benchmark v1.6.1 L1 MasterUnix

ACCESS CONTROL

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 9 v1.0.1 L1Palo_Alto

ACCESS CONTROL

2.6 Ensure that the User-ID service account does not have interactive logon rightsCIS Palo Alto Firewall 10 v1.0.0 L1Palo_Alto

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1MDM

ACCESS CONTROL

3.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

ACCESS CONTROL

4.1 Ensure that a user for the container has been createdCIS Docker v1.3.1 L1 Docker LinuxUnix

ACCESS CONTROL

4.3 Ensure excessive function privileges are revokedCIS PostgreSQL 10 OS v1.0.0Unix

ACCESS CONTROL

5.2 Ensure SNMPv1/2 are set to Read OnlyCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.2.1 Ensure sudo is installedCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.2.2 Ensure sudo commands use ptyCIS CentOS 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Red Hat 6 Server L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - pam_wheel.soCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS CentOS 6 Server L1 v3.0.0Unix

ACCESS CONTROL

6.4 Restrict root Login to System ConsoleCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.5 Restrict Access to the su Command - wheel:x:10:root, <user list>'CIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

ACCESS CONTROL

6.11.4 Ensure Console Port is Set as InsecureCIS Juniper OS Benchmark v2.1.0 L2Juniper

ACCESS CONTROL

6.11.5 Ensure Log-out-on-disconnect is Set for ConsoleCIS Juniper OS Benchmark v2.1.0 L1Juniper

ACCESS CONTROL