800-53|AC-2c.

Title

ACCOUNT MANAGEMENT

Description

Establishes conditions for group and role membership;

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.2 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges for the local server.WindowsCIS Microsoft SharePoint 2019 OS v1.0.0
2.2 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges for the local server.WindowsCIS Microsoft SharePoint 2016 OS v1.1.0
5.4.3 Ensure default group for the root account is GID 0UnixCIS Amazon Linux v2.1.0 L1
5.4.3 Ensure default group for the root account is GID 0UnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
5.4.3 Ensure default group for the root account is GID 0UnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
5.4.3 Ensure default group for the root account is GID 0UnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.4.3 Ensure default group for the root account is GID 0UnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.5 Ensure access to the su command is restricted - wheel group contains rootUnixCIS Amazon Linux v2.1.0 L1
5.5.3 Ensure default group for the root account is GID 0UnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
5.5.3 Ensure default group for the root account is GID 0UnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
5.6 Ensure access to the su command is restricted - /etc/groupUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
5.6 Ensure access to the su command is restricted - /etc/groupUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0
6.2.3 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0
6.2.14 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Fedora 28 Family Linux Workstation L1 v1.0.0
6.2.14 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Fedora 28 Family Linux Server L1 v1.0.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupUnixCIS Amazon Linux v2.1.0 L1
7.4 Set Default Group for root AccountUnixCIS Solaris 10 L1 v5.2
7.5 Change Home Directory for root AccountUnixCIS Solaris 10 L1 v5.2
8.6 Set default group for root accountUnixCIS Solaris 9 v1.3
9.5 Restrict Access to the su Command - 'wheel group contains root'UnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
9.5 Restrict Access to the su Command - wheel group has membersUnixCIS Debian Linux 7 L1 v1.0.0
9.11 Check Groups in /etc/passwdUnixCIS Solaris 10 L1 v5.2
9.11 Check Groups in passwd(4)UnixCIS Solaris 11 L1 v1.1.0
9.11 Check Groups in passwd(4)UnixCIS Solaris 11.1 L1 v1.0.0
9.11 Check Groups in passwd(4)UnixCIS Solaris 11.2 L1 v1.1.0
10.3 Set Default Group for root AccountUnixCIS Debian Linux 7 L1 v1.0.0
12.03 Unix root group members on host - 'Disallow 'oracle' as a member of root group'UnixCIS v1.1.0 Oracle 11g OS L1
13.11 Check Groups in /etc/passwdUnixCIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
13.11 Check Groups in /etc/passwdUnixCIS Debian Linux 7 L1 v1.0.0
BSI-100-2: S 4.13: Careful allocation of identifiers: Every GID must be validUnixBSI-100-2 Red Hat Linux 2005
BSI-100-2: S 4.22: Prevention of loss of confidentiality of sensitive data in the Unix system: Restrict access to commandsUnixBSI-100-2 Red Hat Linux 2005
DG0005-ORACLE11 - Only necessary privileges to the host system should be granted to DBA OS accounts - 'Oracle instance DBA is only a member of ORA_{SID}_DBA and Users group'WindowsDISA STIG Oracle 11 Installation v9r1 Windows
Ensure access to the su command is restricted - wheel group contains rootUnixTenable Cisco Firepower Management Center OS Best Practices Audit
Ensure all groups in /etc/passwd exist in /etc/groupUnixTenable Cisco Firepower Management Center OS Best Practices Audit
Ensure default group for the root account is GID 0UnixTenable Cisco Firepower Management Center OS Best Practices Audit
GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group.UnixDISA STIG AIX 5.3 v1r2
GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group.UnixDISA STIG for Oracle Linux 5 v2r1
GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group.UnixDISA STIG AIX 6.1 v1r14