Audits
Settings
Links
Tenable.io
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Links
Tenable.io
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Audits
References
CCI
CCI-001744
CCI
CCI|CCI-001744
Title
The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.3.1 Ensure AIDE is installed
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.2 Ensure filesystem integrity is regularly checked - aide
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.2 Ensure filesystem integrity is regularly checked - cron
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.2 Ensure filesystem integrity is regularly checked - mail
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
Big Sur - Configure the System to Notify upon Baseline Configuration Changes
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Configure the System to Notify upon Baseline Configuration Changes
Unix
NIST macOS Catalina v1.5.0 - All Profiles
F5BI-DM-000211 - The BIG-IP appliance must be configured to implement automated security responses if baseline configurations are changed in an unauthorized manner.
F5
DISA F5 BIG-IP Device Management 11.x STIG v2r1
GEN000140 - A file integrity baseline must be created and maintained.
Unix
DISA STIG Solaris 10 SPARC v2r2
GEN000140 - A file integrity baseline must be created and maintained.
Unix
DISA STIG Solaris 10 X86 v2r2
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - '/etc/aide.conf must exist'
Unix
DISA STIG for Oracle Linux 5 v2r1
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'cryptographic hash is used '
Unix
DISA STIG for Oracle Linux 5 v2r1
GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'database location'
Unix
DISA STIG for Oracle Linux 5 v2r1
GEN000140-3 - A file integrity baseline including cryptographic hashes must be maintained - '/etc/aide.conf exists'
Unix
DISA STIG for Oracle Linux 5 v2r1
GEN000140-3 - A file integrity baseline including cryptographic hashes must be maintained - 'database has been configured'
Unix
DISA STIG for Oracle Linux 5 v2r1
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
Unix
DISA STIG Solaris 10 SPARC v2r2
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
Unix
DISA STIG for Oracle Linux 5 v2r1
GEN000220 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
Unix
DISA STIG Solaris 10 X86 v2r2
GEN002260 - The system must be checked for extraneous device files at least weekly.
Unix
DISA STIG Solaris 10 X86 v2r2
GEN002260 - The system must be checked for extraneous device files at least weekly.
Unix
DISA STIG Solaris 10 SPARC v2r2
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.
Unix
DISA STIG Solaris 10 SPARC v2r2
GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files.
Unix
DISA STIG Solaris 10 X86 v2r2
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.
Unix
DISA STIG Solaris 10 X86 v2r2
GEN002460 - The system must be checked weekly for unauthorized setgid files, as well as, unauthorized modification to authorized setgid files.
Unix
DISA STIG Solaris 10 SPARC v2r2
Monterey - Configure the System to Notify upon Baseline Configuration Changes
Unix
NIST macOS Monterey v1.0.0 - All Profiles
OL6-00-000016 - A file integrity tool must be installed.
Unix
DISA STIG Oracle Linux 6 v2r6
OL6-00-000302 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
Unix
DISA STIG Oracle Linux 6 v2r6
OL6-00-000303 - The operating system must employ automated mechanisms, per organization defined frequency, to detect the addition of unauthorized components/devices into the operating system.
Unix
DISA STIG Oracle Linux 6 v2r6
OL6-00-000305 - The operating system must provide a near real-time alert when any of the organization defined list of compromise or potential compromise indicators occurs.
Unix
DISA STIG Oracle Linux 6 v2r6
OL6-00-000306 - The operating system must detect unauthorized changes to software and information.
Unix
DISA STIG Oracle Linux 6 v2r6
OL6-00-000307 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked.
Unix
DISA STIG Oracle Linux 6 v2r6
OL07-00-020030 - The Oracle Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly - aide
Unix
DISA Oracle Linux 7 STIG v2r9
OL07-00-020030 - The Oracle Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly - cron
Unix
DISA Oracle Linux 7 STIG v2r9
OL07-00-020040 - The Oracle Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner - aide
Unix
DISA Oracle Linux 7 STIG v2r9
OL07-00-020040 - The Oracle Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner - cron
Unix
DISA Oracle Linux 7 STIG v2r9
OL08-00-010360 - The OL 8 file integrity tool must notify the System Administrator (SA) when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency - aide
Unix
DISA Oracle Linux 8 STIG v1r2
OL08-00-010360 - The OL 8 file integrity tool must notify the System Administrator (SA) when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency - aide
Unix
DISA Oracle Linux 8 STIG v1r4
PHTN-67-000018 - The Photon operating system must have the auditd service running.
Unix
DISA STIG VMware vSphere 6.7 Photon OS v1r3
RHEL-07-020030 - The Red Hat Enterprise Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly - aide
Unix
DISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-020030 - The Red Hat Enterprise Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly - cron
Unix
DISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-020040 - The Red Hat Enterprise Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner - aide
Unix
DISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-07-020040 - The Red Hat Enterprise Linux operating system must be configured so that designated personnel are notified if baseline configurations are changed in an unauthorized manner - cron
Unix
DISA Red Hat Enterprise Linux 7 STIG v3r9
RHEL-08-010360 - The RHEL 8 file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency - aide
Unix
DISA Red Hat Enterprise Linux 8 STIG v1r8
SLES-12-010500 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly - crontab
Unix
DISA SLES 12 STIG v2r7
SLES-12-010500 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly.
Unix
DISA SLES 12 STIG v2r7
SLES-15-010420 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly - crontab
Unix
DISA SLES 15 STIG v1r6
SLES-15-010420 - Advanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly.
Unix
DISA SLES 15 STIG v1r6
SOL-11.1-020190 - The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.
Unix
DISA STIG Solaris 11 X86 v2r6
SOL-11.1-020190 - The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system.
Unix
DISA STIG Solaris 11 SPARC v2r6
UBTU-16-010540 - The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered - default
Unix
DISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-010540 - The file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered - silentreports
Unix
DISA STIG Ubuntu 16.04 LTS v2r3
