Detections
Analytics

CCI|CCI-000368

Title

The organization documents any deviations from the established configuration settings for organization-defined information system components based on organization-defined operational requirements.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.4.4 Ensure boot loader does not allow removable mediaUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.10 Ensure system device files are labeled - device_tUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.10 Ensure system device files are labeled - unlabeled_tUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.2.21 Ensure the TFTP server has not been installed - TFTP server package installed if not required for operational support.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.30 Ensure SSH does not permit GSSAPI - GSSAPI authentication unless needed.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.31 Ensure SSH does not permit Kerberos authenticationUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.9 Ensure local interactive user accounts umask is 077UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
GEN002380 - The owner, group-owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedureUnixDISA STIG HP-UX 11.31 v1r19
GEN002380 - The owner, group-owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.UnixDISA STIG for Oracle Linux 5 v1r14
GEN002380 - The owner, group-owner, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.UnixDISA STIG for Oracle Linux 5 v2r1
GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined proceduresUnixDISA STIG AIX 5.3 v1r2
GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined proceduresUnixDISA STIG AIX 6.1 v1r13
GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined proceduresUnixDISA STIG AIX 6.1 v1r14
GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit
GEN002380 - The owner, group, mode, ACL, and location of files with the setuid bit set must be documented using site-defined procedures.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN002440 - The owner, group-owner, mode, ACL and location of files with the 'sgid' bit set must be documented.UnixDISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit
GEN002440 - The owner, group-owner, mode, ACL and location of files with the setgid bit set must be documented using site-defined procedures - sgid bit set must be documented.UnixDISA STIG for Oracle Linux 5 v1r14
GEN002440 - The owner, group-owner, mode, ACL and location of files with the setgid bit set must be documented using site-defined procedures - sgid bit set must be documented.UnixDISA STIG for Oracle Linux 5 v2r1
GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documentedUnixDISA STIG HP-UX 11.31 v1r19
GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documented using site-defined proceduresUnixDISA STIG AIX 6.1 v1r14
GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documented using site-defined proceduresUnixDISA STIG AIX 5.3 v1r2
GEN002440 - The owner, group, mode, ACL, and location of files with the setgid bit set must be documented using site-defined proceduresUnixDISA STIG AIX 6.1 v1r13
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r12
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r4
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r7
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r8
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r5
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - device_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r10
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r5
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r8
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r10
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r7
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r12
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification - unlabeled_tUnixDISA Red Hat Enterprise Linux 7 STIG v3r4
RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification.UnixDISA Red Hat Enterprise Linux 7 STIG v3r14
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r10
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r14
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r8
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r5
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r7
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r12
RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.UnixDISA Red Hat Enterprise Linux 7 STIG v3r4
RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved - menuentryUnixDISA Red Hat Enterprise Linux 7 STIG v3r12
RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved - menuentryUnixDISA Red Hat Enterprise Linux 7 STIG v3r10
RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved - set rootUnixDISA Red Hat Enterprise Linux 7 STIG v3r10
RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved - set rootUnixDISA Red Hat Enterprise Linux 7 STIG v3r12