Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001084
CCI
CCI|CCI-001084
Title
Isolate security functions from nonsecurity functions.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.3.1.5 Ensure the SELinux mode is enforcing
Unix
CIS Rocky Linux 10 v1.0.0 L2 Workstation
1.3.1.5 Ensure the SELinux mode is enforcing
Unix
CIS Rocky Linux 10 v1.0.0 L2 Server
1.16 RHEL-09-212035
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.17 RHEL-09-212040
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.18 RHEL-09-212045
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.28 OL08-00-010170
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.29 OL08-00-010171
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT III
1.76 OL08-00-010421
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.77 OL08-00-010422
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.78 OL08-00-010423
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.89 UBTU-22-432015
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I
1.105 UBTU-24-600130
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I
1.298 RHEL-09-431010
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I
1.302 RHEL-09-431025
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
3.130 - User Account Control - Behavior of elevation prompt for administrators
Windows
DISA Windows Vista STIG v6r41
3.132 - User Account Control - Detect Application Installations
Windows
DISA Windows Vista STIG v6r41
3.134 - User Account Control - Elevate UIAccess applications that are in secure locations
Windows
DISA Windows Vista STIG v6r41
3.135 - User Account Control - Switch to secure desktop
Windows
DISA Windows Vista STIG v6r41
3.136 - User Account Control - Non UAC Compliant Application Virtualization
Windows
DISA Windows Vista STIG v6r41
3.141 - User Account Control - Executable Elevation
Windows
DISA Windows Vista STIG v6r41
5.132 - Require username and password to elevate a running application.
Windows
DISA Windows Vista STIG v6r41
ALMA-09-041930 - AlmaLinux OS 9 must use a Linux Security Module configured to enforce limits on system services.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-042040 - AlmaLinux OS 9 must have the policycoreutils package installed.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r4
AS24-U2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware
AS24-U2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r6
AS24-W1-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.
Windows
DISA STIG Apache Server 2.4 Windows Server v3r3
AS24-W1-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.
Windows
DISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.
Windows
DISA Apache Server 2.4 Windows Site STIG v2r2
AZLX-23-001110 - Amazon Linux 2023 must have the policycoreutils package installed.
Unix
DISA Amazon Linux 2023 STIG v1r2
AZLX-23-002450 - Amazon Linux 2023 must use a Linux Security Module configured to enforce limits on system services.
Unix
DISA Amazon Linux 2023 STIG v1r2
Big Sur - Configure the System to Separate User and System Functionality - isolate
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure the System to Separate User and System Functionality - isolate
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Configure the System to Separate User and System Functionality - isolate
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Catalina - Configure the System to Separate User and System Functionality - isolate
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure the System to Separate User and System Functionality - isolate
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure the System to Separate User and System Functionality - isolate
Unix
NIST macOS Catalina v1.5.0 - All Profiles
CD12-00-004000 - PostgreSQL must isolate security functions from non-security functions.
Unix
DISA STIG Crunchy Data PostgreSQL OS v3r1
CNTR-K8-001620 - Kubernetes Kubelet must enable kernel protection.
Unix
DISA STIG Kubernetes v2r4
CNTR-R2-000940 - Rancher RKE2 runtime must isolate security functions from nonsecurity functions.
Unix
DISA Rancher Government Solutions RKE2 STIG v2r4
DB2X-00-005500 - DB2 must isolate security functions from non-security functions
IBM_DB2DB
DISA STIG IBM DB2 v10.5 LUW v2r1 Database
DTBI356-IE11 - The 64-bit tab processes, when running in Enhanced Protected Mode on 64-bit versions of Windows, must be turned on.
Windows
DISA STIG IE 11 v2r5
DTBI485-IE11 - Protected Mode must be enforced (Internet zone).
Windows
DISA STIG IE 11 v2r5
DTBI490-IE11 - Protected Mode must be enforced (Restricted Sites zone).
Windows
DISA STIG IE 11 v2r5
DTBI610-IE11 - Internet Explorer Processes for Zone Elevation must be enforced (Reserved).
Windows
DISA STIG IE 11 v2r5
DTBI612-IE11 - Internet Explorer Processes for Zone Elevation must be enforced (Explorer).
Windows
DISA STIG IE 11 v2r5
DTBI614-IE11 - Internet Explorer Processes for Zone Elevation must be enforced (iexplore).
Windows
DISA STIG IE 11 v2r5
EP11-00-005800 - The EDB Postgres Advanced Server must isolate security functions from non-security functions.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-005800 - The EDB Postgres Advanced Server must isolate security functions from nonsecurity functions.
PostgreSQLDB
EnterpriseDB PostgreSQL Advanced Server DB v2r1
IIST-SI-000224 - The IIS 10.0 website document directory must be in a separate partition from the IIS 10.0 websites system files.
Windows
DISA IIS 10.0 Site v2r13
IISW-SI-000224 - The IIS 8.5 website document directory must be in a separate partition from the IIS 8.5 websites system files.
Windows
DISA IIS 8.5 Site v2r9
