CCI|CCI-000382

Title

The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.5.3.2.3 Ensure iptables rules exist for all open ports - PPSM CLSA and vulnerability assessments.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-003088 - If Stream Control Transmission Protocol (SCTP) must be disabled on AIX.UnixDISA STIG AIX 7.x v2r6
AIX7-00-003089 - The Reliable Datagram Sockets (RDS) protocol must be disabled on AIX.UnixDISA STIG AIX 7.x v2r6
AMLS-NM-000210 - The Arista Multilayer Switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.AristaDISA STIG Arista MLS DCS-7000 Series NDM v1r3
AOSX-13-000530 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000975 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple Mac OSX 10.15 v1r8
AOSX-15-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 11 v1r6
APPL-11-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 11 v1r6
APPL-12-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple.UnixDISA STIG Apple macOS 12 v1r4
APPL-12-002022 - The macOS system must be configured to disable Remote Apple Events.UnixDISA STIG Apple macOS 12 v1r4
AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port OnlyUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port OnlyUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs OnlyUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs OnlyUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U2-000360 - The Apache web server must be configured to use a specified IP address and port.UnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000360 - The Apache web server must be configured to use a specified IP address and port.UnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-W1-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port OnlyWindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W1-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs OnlyWindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W2-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port OnlyWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs OnlyWindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Remote Apple EventsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable Sending Diagnostic and Usage Data to AppleUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
BIND-9X-001053 - The BIND 9.x server implementation must be configured to use only approved ports and protocols.UnixDISA BIND 9.x STIG v2r2
CASA-ND-000430 - The Cisco ASA must be configured to prohibit the use of all unnecessary and/or non-secure functions, ports, protocols, and/or services - HTTPCiscoDISA STIG Cisco ASA NDM v1r1
CASA-ND-000430 - The Cisco ASA must be configured to prohibit the use of all unnecessary and/or non-secure functions, ports, protocols, and/or services - TelnetCiscoDISA STIG Cisco ASA NDM v1r1
CASA-VN-000160 - The Cisco ASA must be configured to use Internet Key Exchange v2 (IKEv2) for all IPsec security associations - InterfaceCiscoDISA STIG Cisco ASA VPN v1r1
CASA-VN-000160 - The Cisco ASA must be configured to use Internet Key Exchange v2 (IKEv2) for all IPsec security associations - IPsec PhaseCiscoDISA STIG Cisco ASA VPN v1r1
CASA-VN-000160 - The Cisco ASA must be configured to use Internet Key Exchange v2 (IKEv2) for all IPsec security associations - PolicyCiscoDISA STIG Cisco ASA VPN v1r1