Detections
Analytics

800-53|SI-5

Title

SECURITY ALERTS, ADVISORIES, AND DIRECTIVES

Description

The organization:

Supplemental

The United States Computer Emergency Readiness Team (US-CERT) generates security alerts and advisories to maintain situational awareness across the federal government. Security directives are issued by OMB or other designated organizations with the responsibility and authority to issue such directives. Compliance to security directives is essential due to the critical nature of many of these directives and the potential immediate adverse effects on organizational operations and assets, individuals, other organizations, and the Nation should the directives not be implemented in a timely manner. External organizations include, for example, external mission/business partners, supply chain partners, external service providers, and other peer/supporting organizations.

Reference Item Details

Related: SI-2

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P1

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.7.1 Set 'Microsoft network client: Send unencrypted password to third-party SMB servers' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.96 WN16-CC-000030WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.96 WN16-CC-000030WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.96 WN19-CC-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.96 WN19-CC-000020WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.96 WN22-CC-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.96 WN22-CC-000020WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.106 WN10-CC-000038WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.205 WN10-SO-000110WindowsCIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.223 WN16-SO-000210WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.223 WN16-SO-000210WindowsCIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.225 WN19-SO-000180WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.225 WN19-SO-000180WindowsCIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.225 WN22-SO-000180WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.225 WN22-SO-000180WindowsCIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Attempt to cleanWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Download ScanWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Upload ScanWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
4.2.5 Ensure SSH LogLevel is appropriateUnixCIS Debian Linux 10 v2.0.0 L1 Workstation
4.2.5 Ensure SSH LogLevel is appropriateUnixCIS Debian Linux 10 v2.0.0 L1 Server
4.2.13 Ensure sshd LogLevel is configuredUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
4.2.13 Ensure sshd LogLevel is configuredUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
5.1.1.1.1 Ensure systemd-journal-remote is installedUnixCIS Debian Linux 10 v2.0.0 L1 Workstation
5.1.1.1.1 Ensure systemd-journal-remote is installedUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
5.1.1.1.1 Ensure systemd-journal-remote is installedUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
5.1.1.1.1 Ensure systemd-journal-remote is installedUnixCIS Debian Linux 10 v2.0.0 L1 Server
5.1.1.1.2 Ensure systemd-journal-remote is configuredUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
5.1.1.1.2 Ensure systemd-journal-remote is configuredUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
5.1.1.1.2 Ensure systemd-journal-remote is configuredUnixCIS Debian Linux 10 v2.0.0 L1 Server
5.1.1.1.2 Ensure systemd-journal-remote is configuredUnixCIS Debian Linux 10 v2.0.0 L1 Workstation
5.1.1.1.3 Ensure systemd-journal-remote is enabledUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
5.1.1.1.3 Ensure systemd-journal-remote is enabledUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
5.1.1.1.3 Ensure systemd-journal-remote is enabledUnixCIS Debian Linux 10 v2.0.0 L1 Server
5.1.1.1.3 Ensure systemd-journal-remote is enabledUnixCIS Debian Linux 10 v2.0.0 L1 Workstation
5.1.1.7 Ensure journald default file permissions configuredUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation
5.1.1.7 Ensure journald default file permissions configuredUnixCIS Debian Linux 10 v2.0.0 L1 Workstation
5.1.1.7 Ensure journald default file permissions configuredUnixCIS Debian Linux 10 v2.0.0 L1 Server
5.1.1.7 Ensure journald default file permissions configuredUnixCIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server
5.1.14 Ensure sshd LogLevel is configuredUnixCIS AlmaLinux OS 10 v1.0.0 L1 Server
5.1.14 Ensure sshd LogLevel is configuredUnixCIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Server
5.1.14 Ensure sshd LogLevel is configuredUnixCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation
5.1.14 Ensure sshd LogLevel is configuredUnixCIS Rocky Linux 10 v1.0.0 L1 Server
5.1.14 Ensure sshd LogLevel is configuredUnixCIS Oracle Linux 10 v1.0.0 L1 Server
5.1.14 Ensure sshd LogLevel is configuredUnixCIS Red Hat Enterprise Linux 10 v1.0.1 L1 Workstation
18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.77.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1