CCI|CCI-001090

Title

The information system prevents unauthorized and unintended information transfer via shared system resources.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.015 - File share ACLs have not been reconfigured to remove the Everyone group.WindowsDISA Windows Vista STIG v6r41
3.018 - Anonymous shares are not restricted. - RestrictAnonymousWindowsDISA Windows Vista STIG v6r41
3.018 - Anonymous shares are not restricted. - RestrictAnonymousSAMWindowsDISA Windows Vista STIG v6r41
3.063 - Unauthorized named pipes are accessible with anonymous credentials.WindowsDISA Windows Vista STIG v6r41
3.064 - Unauthorized registry paths are remotely accessible.WindowsDISA Windows Vista STIG v6r41
3.065 - Unauthorized shares can be accessed anonymously.WindowsDISA Windows Vista STIG v6r41
3.068 - Solicited Remote Assistance is allowed.WindowsDISA Windows Vista STIG v6r41
3.072 - The system is not configured to use the Classic security model.WindowsDISA Windows Vista STIG v6r41
3.082 - The system is configured to allow unsolicited remote assistance offers.WindowsDISA Windows Vista STIG v6r41
3.108 - Unauthorized registry paths and sub-paths are remotely accessible.WindowsDISA Windows Vista STIG v6r41
3.116 - Named Pipes and Shares can be accessed anonymously.WindowsDISA Windows Vista STIG v6r41
5.118 - Terminal Services / Remote Desktop Services - Local drives prevented from sharing with Terminal Servers.WindowsDISA Windows Vista STIG v6r41
AOSX-13-000240 - The macOS system must enable System Integrity Protection.UnixDISA STIG Apple Mac OSX 10.13 v2r5
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
BIND-9X-000001 - A BIND 9.x server implementation must be running in a chroot(ed) directory structure.UnixDISA BIND 9.x STIG v2r2
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure the System to Prevent the Unauthorized Disclosure of Data via Shared ResourcesUnixNIST macOS Catalina v1.5.0 - 800-171
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Audit LogUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Audit LogWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Backup HistoryWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Backup HistoryUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - DatabaseUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - DatabaseWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - InstanceUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - InstanceWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - LOGARCHMETHUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - LOGARCHMETHWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Transaction PathsUnixDISA STIG IBM DB2 v10.5 LUW v1r4 OS Linux
DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users - Transaction PathsWindowsDISA STIG IBM DB2 v10.5 LUW v1r4 OS Windows
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.UnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccessUnixDISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r1
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member accessUnixDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
EP11-00-006100 - Access to database files must be limited to relevant processes and to authorized, administrative users.WindowsEDB PostgreSQL Advanced Server v11 Windows OS Audit v2r1
GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor.UnixDISA STIG for Oracle Linux 5 v2r1
GEN002300 - Device files used for backup must only be readable and/or writable by root or the backup user.UnixDISA STIG for Oracle Linux 5 v2r1
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/audio*'UnixDISA STIG for Oracle Linux 5 v2r1
GEN002320 - Audio devices must have mode 0660 or less permissive - '/dev/snd/*'UnixDISA STIG for Oracle Linux 5 v2r1
GEN002330 - Audio devices must not have extended ACLs - '/dev/audio*'UnixDISA STIG for Oracle Linux 5 v2r1
GEN002330 - Audio devices must not have extended ACLs - '/dev/snd/*'UnixDISA STIG for Oracle Linux 5 v2r1