Detections
Analytics

CCI|CCI-000778

Title

Uniquely identify organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.1.9 Ensure usb-storage kernel module is not availableUnixCIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Workstation
1.1.1.9 Ensure usb-storage kernel module is not availableUnixCIS Ubuntu Linux 22.04 LTS v3.0.0 L1 Server
1.1.1.10 Ensure usb-storage kernel module is not availableUnixCIS Debian Linux 13 v1.0.0 L1 Server
1.1.1.10 Ensure usb-storage kernel module is not availableUnixCIS Debian Linux 13 v1.0.0 L2 Workstation
1.1.1.10 Ensure usb-storage kernel module is not availableUnixCIS Rocky Linux 10 v1.0.0 L2 Workstation
1.1.1.10 Ensure usb-storage kernel module is not availableUnixCIS Rocky Linux 10 v1.0.0 L1 Server
1.1.27 Disable AutomountingUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.27 Disable AutomountingUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.1.27 Disable AutomountingUnixCIS Amazon Linux 2 STIG v2.0.0 L2 Workstation
1.1.27 Disable AutomountingUnixCIS Amazon Linux 2 STIG v2.0.0 L1 Server
1.1.28 Disable USB StorageUnixCIS Amazon Linux 2 STIG v2.0.0 L2 Workstation
1.1.28 Disable USB StorageUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.1.28 Disable USB StorageUnixCIS Amazon Linux 2 STIG v2.0.0 L1 Server
1.1.28 Disable USB Storage - /bin/trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.1.28 Disable USB Storage - blacklistUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.4 Ensure GDM automount is configuredUnixCIS Rocky Linux 10 v1.0.0 L2 Workstation
1.8.4 Ensure GDM automount is configuredUnixCIS Rocky Linux 10 v1.0.0 L1 Server
1.8.15 Ensure graphical user interface automounter is disabledUnixCIS Amazon Linux 2 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automountUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount-openUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount-open=falseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - automount=falseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - autorun-neverUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=trueUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.76 RHEL-09-231040UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.239 RHEL-09-271020UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.240 RHEL-09-271025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.242 RHEL-09-271035UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.259 RHEL-09-291010UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.300 OL08-00-040070UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.301 OL08-00-040080UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
AIX7-00-001025 - AIX must configure the ttys value for all interactive users.UnixDISA STIG AIX 7.x v3r1
ALMA-09-031370 - AlmaLinux OS 9 must be configured to disable USB mass storage.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-034890 - AlmaLinux OS 9 must disable the graphical user interface automount function unless required.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-035000 - AlmaLinux OS 9 must prevent a user from overriding the disabling of the graphical user interface automount function.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-035110 - AlmaLinux OS 9 must prevent a user from overriding the disabling of the graphical user interface autorun function.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-035550 - AlmaLinux OS 9 must not have the autofs package installed.UnixDISA CloudLinux AlmaLinux OS 9 STIG v1r4
AMLS-L2-000120 - The Arista Multilayer Switch must uniquely identify all network-connected endpoint devices before establishing any connection - aaa auth dot1x default groupAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r3
AMLS-L2-000120 - The Arista Multilayer Switch must uniquely identify all network-connected endpoint devices before establishing any connection - dot1x system-auth-controlAristaDISA STIG Arista MLS DCS-7000 Series L2S v1r3
ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection.AristaDISA STIG Arista MLS EOS 4.2x L2S v2r1
ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection.AristaDISA Arista MLS EOS 4.X L2S STIG v2r3
BIND-9X-001106 - The BIND 9.x server implementation must utilize separate TSIG key-pairs when securing server-to-server transactions.UnixDISA BIND 9.x STIG v2r3
CASA-VN-000310 - The Cisco ASA VPN gateway must be configured to identify all peers before establishing a connection.CiscoDISA STIG Cisco ASA VPN v2r2
Catalina - The macOS system must uniquely identify peripherals before establishing a connection.UnixNIST macOS Catalina v1.5.0 - All Profiles
CISC-L2-000020 - The Cisco switch must uniquely identify all network-connected endpoint devices before establishing any connection.CiscoDISA Cisco NX OS Switch L2S STIG v3r2
CISC-L2-000020 - The Cisco switch must uniquely identify and authenticate all network-connected endpoint devices before establishing any connection.CiscoDISA Cisco IOS XE Switch L2S STIG v3r2
CISC-L2-000020 - The Cisco switch must uniquely identify and authenticate all network-connected endpoint devices before establishing any connection.CiscoDISA Cisco IOS Switch L2S STIG v3r1
F5BI-AP-300160 - The F5 BIG-IP must be configured to identify and authenticate all endpoint devices or peers before establishing a connection.F5DISA F5 BIG-IP TMOS ALG STIG v1r2
F5BI-DN-300013 - An authoritative name server must be configured to enable DNSSEC Resource Records.F5DISA F5 BIG-IP TMOS DNS STIG v1r1
JBOS-AS-000285 - The JBoss server must be configured to bind the management interfaces to only management networks.UnixDISA JBoss Enterprise Application Platform 6.3 STIG v2r6