800-53|SI-2c.

Title

FLAW REMEDIATION

Description

Installs security-relevant software and firmware updates within [Assignment: organization-defined time period] of the release of the updates; and

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.0.1 Install the latest FixpakUnixCIS IBM DB2 OS L2 v1.2.0
1.1 Ensure Device is running Current Junos SoftwareJuniperCIS Juniper OS Benchmark v2.1.0 L1
1.1 Ensure ESXi is properly patchedVMwareCIS VMware ESXi 6.5 v1.0.0 Level 1
1.1 Install the latest fix packsWindowsCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows
1.1 Install the latest fix packsUnixCIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux
1.1 Install the latest fix packsWindowsCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows
1.1 Install the latest fix packsUnixCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux
1.1 Use the Latest Package UpdatesUnixCIS Solaris 11.2 L1 v1.1.0
1.1 Use the Latest Package UpdatesUnixCIS Oracle Solaris 11.4 L1 v1.0.0
1.1 Use the Latest Package UpdatesUnixCIS Solaris 11 L1 v1.1.0
1.1 Use the Latest Package UpdatesUnixCIS Solaris 11.1 L1 v1.0.0
1.1 Verify all Apple provided software is currentUnixCIS Apple OSX 10.9 L1 v1.3.0
1.1 Verify all Apple provided software is currentUnixCIS Apple macOS 10.12 L1 v1.2.0
1.1 Verify all Apple provided software is currentUnixCIS Apple OSX 10.11 El Capitan L1 v1.1.0
1.1 Verify all Apple-provided software is currentUnixCIS Apple macOS 10.13 L1 v1.1.0
1.1 Verify all application software is currentUnixCIS Apple OSX 10.10 Yosemite L1 v1.2.0
1.1.66 Ensure 'Notify a user that a browser restart is recommended or required for pending updates' is set to 'Enabled: Required - Show a recurring prompt to the user indicating that a restart is required'WindowsCIS Microsoft Edge L1 v1.0.1
1.1.70 Ensure 'Set the time period for update notifications' is set to 'Enabled: 86400000'WindowsCIS Microsoft Edge L1 v1.0.1
1.2 Use the updated Linux KernelUnixCIS Docker 1.6 v1.0.0 L1 Linux
1.2 Use the updated Linux KernelUnixCIS Docker 1.12.0 v1.0.0 L1 Linux
1.2 Use the updated Linux KernelUnixCIS Docker 1.11.0 v1.0.0 L1 Linux
1.2.1 Configure Connection to the RHN RPM RepositoriesUnixCIS Red Hat Enterprise Linux 5 L1 v2.2.1
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 19 Family Linux Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS SUSE Linux Enterprise Server 12 L1 v3.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 28 Family Linux Workstation L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 28 Family Linux Server L1 v1.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS SUSE Linux Enterprise Workstation 12 L1 v3.0.0
1.2.1 Ensure GPG keys are configuredUnixCIS Fedora 19 Family Linux Server L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v1.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Red Hat 6 Server L1 v3.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Distribution Independent Linux Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 10 Server L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian Family Workstation L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 20.04 LTS Server L1 v1.1.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian Family Server L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Debian 10 Workstation L1 v1.0.0
1.2.1 Ensure package manager repositories are configuredUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.2.1 Ensure Red Hat Subscription Manager connection is configuredUnixCIS Red Hat EL8 Server L1 v2.0.0
1.2.1 Ensure Red Hat Subscription Manager connection is configuredUnixCIS Red Hat EL8 Workstation L1 v2.0.0
1.10 Ensure updates, patches, and additional security software are installedUnixCIS Debian Family Workstation L1 v1.0.0
1.10 Ensure updates, patches, and additional security software are installedUnixCIS Debian Family Server L1 v1.0.0