800-53|CM-6b.

Title

CONFIGURATION SETTINGS

Description

Implements the configuration settings;

Reference Item Details

Category: CONFIGURATION MANAGEMENT

Family: CONFIGURATION MANAGEMENT

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.0.2 Use IP address rather than hostname - 'db2system = IP'UnixCIS IBM DB2 OS L1 v1.2.0
1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements.WindowsDISA Windows Vista STIG v6r41
1.1 Create local-settings.js file - general.config.filenameWindowsCIS Mozilla Firefox 38 ESR Windows L1 v1.0.0
1.1 Create local-settings.js file - general.config.filenameWindowsCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0
1.1 Create local-settings.js file - general.config.obscureWindowsCIS Mozilla Firefox 102 ESR Windows L1 v1.0.0
1.1 Create local-settings.js file - general.config.obscureWindowsCIS Mozilla Firefox 38 ESR Windows L1 v1.0.0
1.1 Create local-settings.js file - general.config.obscure_valueUnixCIS Mozilla Firefox 102 ESR Linux L1 v1.0.0
1.1 Create local-settings.js file - general.config.obscure_valueUnixCIS Mozilla Firefox 38 ESR Linux L1 v1.0.0
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
1.1 Ensure access to SharePointEmailws.asmx is limited to only the server farm accountWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
1.1 Ensure Web Content Is on Non-System PartitionWindowsCIS IIS 7 L1 v1.8.0
1.1 Ensure web content is on non-system partitionWindowsCIS IIS 8.0 v1.5.1 Level 1
1.1 Set 'Restrict level of calendar details users can publish' to 'Enabled:Disables 'Full details' and 'Limited details''WindowsCIS MS Office Outlook 2010 v1.0.0
1.1.1.1 Ensure mounting of cramfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.2 Ensure mounting of freevxfs filesystems is disabledUnixCIS Amazon Linux v2.1.0 L2
1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.4 Ensure mounting of hfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.6 Ensure mounting of squashfs filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.7 Ensure mounting of udf filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.1.8 Ensure mounting of FAT filesystems is disabled - /etc/modprobe.d/CIS.confUnixCIS Amazon Linux v2.1.0 L1
1.1.2 Ensure /tmp is configuredUnixCIS Red Hat EL7 Server L1 v3.0.1
1.1.2 Ensure /tmp is configured - config checkUnixCIS Red Hat EL8 Server L1 v1.0.0
1.1.2 Ensure /tmp is configured - config checkUnixCIS Red Hat EL8 Workstation L1 v1.0.0
1.1.2 Ensure /tmp is configured - mountUnixCIS Red Hat EL8 Workstation L1 v1.0.0
1.1.2 Ensure /tmp is configured - mount checkUnixCIS Red Hat EL8 Server L1 v1.0.0
1.1.2 Ensure /tmp is configured - or equivalent.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.2.4 Ensure 'Automatically configure profile based on Active Directory Primary SMTP address' is set to EnabledWindowsCIS Microsoft Office Outlook 2016 v1.1.0 Level 1
1.1.2.4 Ensure 'Automatically configure profile based on Active Directory Primary SMTP address' is set to EnabledWindowsCIS Microsoft Office Outlook 2013 v1.1.0 Level 1
1.1.2.5 Ensure 'Do not allow users to change permissions on folders' is set to EnabledWindowsCIS Microsoft Office Outlook 2013 v1.1.0 Level 1
1.1.2.5 Ensure 'Do not allow users to change permissions on folders' is set to EnabledWindowsCIS Microsoft Office Outlook 2016 v1.1.0 Level 1
1.1.10 Ensure separate partition exists for /varUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.10 Ensure that the --repair-malformed-updates argument is set to falseUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.11 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0
1.1.11 Ensure separate partition exists for /var/log/auditUnixCIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0
1.1.13 Ensure separate partition exists for /homeUnixCIS Amazon Linux v2.1.0 L2
1.1.13 Ensure separate partition exists for /var/log/auditUnixCIS Amazon Linux 2 STIG v1.0.0 L2
1.1.16 Ensure separate partition exists for /var/log/auditUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.19 Ensure nosuid is set on users' home directories.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.21 Ensure all world-writable directories are group-owned.UnixCIS Amazon Linux 2 STIG v1.0.0 L3
1.1.22 Ensure nosuid option set on removable media partitionsUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.23 Ensure noexec option is configured for NFS - NFS.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.24 Ensure nosuid option is set for NFS - NFS.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.26 Ensure all world-writable directories are group-owned.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties.WindowsDISA Windows Vista STIG v6r41
1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet.WindowsDISA Windows Vista STIG v6r41
1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks.WindowsDISA Windows Vista STIG v6r41
1.013 - System information backups are not created, updated, and protected according to DISA requirements.WindowsDISA Windows Vista STIG v6r41
1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.WindowsDISA Windows Vista STIG v6r41