CAT
CAT|II
Title: DISA Severity Level 2
Description: Any vulnerability, the exploitation of which has a potential to result in loss of Confidentiality, Availability, or Integrity.
Reference Item Details
Reference: CAT - DISA Severity Level
Category: Severity Level
Audit Items
| Name | Plugin | Audit Name |
| --- | --- | --- |
| GEN002000 - There must be no .netrc files on the system | Unix | DISA STIG HP-UX 11.31 v1r19 |
| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | Windows | DISA Windows 7 STIG v1r32 |
| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | Windows | DISA Windows Vista STIG v6r41 |
| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.001 - The Automated Information System (AIS) will be physically secured in an access controlled area. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.001 - The Automated Information System (AIS) will be physically secured in an access controlled area. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows Vista STIG v6r41 |
| 1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows 7 STIG v1r32 |
| 1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.007 - Members of the Backup Operators group will have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.007 - Members of the Backup Operators group will have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.008 - Shared user accounts are permitted on the system. | Windows | DISA Windows Vista STIG v6r41 |
| 1.008 - Shared user accounts must not be permitted on the system. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.008 - Shared user accounts must not be permitted on the system. | Windows | DISA Windows 7 STIG v1r32 |
| 1.008 - Shared user accounts must not be permitted on the system. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.008 - Shared user accounts must not be permitted on the system. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.008 - Shared user accounts must not be permitted on the system. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.15 - Ensure IBM JRE 1.6 is configured correctly - 'policy.provider = sun.security.provider.PolicyFile' | Unix | Redhat JBoss EAP 5.x |
| 1.17 The allRolesMode must be configured to 'strict' - 'allRolesMode = strict' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'JBossWS password != empty' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'JBossWS principal != sa' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'JBossWS userName != sa' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'jbossws-users.properties - kermit' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'jmx-console password != empty' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'jmx-console principal != sa' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'jmx-console userName != sa' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'jmx-console-users.properties - admin' | Unix | Redhat JBoss EAP 5.x |
| 1.19 - Remove, rename, or comment out the default user accounts from production servers - 'messaging-users.properties - guest' | Unix | Redhat JBoss EAP 5.x |
| 1.024 - System files are not checked for unauthorized changes. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.024 - System files are not checked for unauthorized changes. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.024 - System files will be monitored for unauthorized changes. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.024 - System files will be monitored for unauthorized changes. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.025 - A Server does not have a host-based Intrusion Detection System. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.025 - A Server does not have a host-based Intrusion Detection System. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.025 - Servers will have a host-based Intrusion Detection System. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.025 - Servers will have a host-based Intrusion Detection System. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.029 - Audit logs will be reviewed on a daily basis. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.029 - Audit logs will be reviewed on a daily basis. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.029 - There is no local policy for reviewing audit logs. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.029 - There is no local policy for reviewing audit logs. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.032 - Audit data must be retained for at least one year. | Windows | DISA Windows Server 2008 DC STIG v6r47 |
| 1.032 - Audit data must be retained for at least one year. | Windows | DISA Windows Server 2008 R2 DC STIG v1r34 |
| 1.032 - Audit data must be retained for at least one year. | Windows | DISA Windows Server 2008 R2 MS STIG v1r33 |
| 1.032 - Audit data must be retained for at least one year. | Windows | DISA Windows Server 2008 MS STIG v6r46 |
| 1.100 - The system must initiate a session lock for the screensaver after a period of inactivity for graphical user interfaces. | Unix | Tenable Fedora Linux Best Practices v2.0.0 |
| 1.101 - The system must prevent a user from overriding the screensaver idle-activation-enabled setting for the graphical user interface. | Unix | Tenable Fedora Linux Best Practices v2.0.0 |
| 1.110 - The system must initiate a session lock for graphical user interfaces when the screensaver is activated. | Unix | Tenable Fedora Linux Best Practices v2.0.0 |
| 1.118 - The system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords. | Unix | Tenable Fedora Linux Best Practices v2.0.0 |