Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001749
CCI
CCI|CCI-001749
Title
The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.2.3 Ensure gpgcheck is globally activated - CA that is recognized and approved by the organization.
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.6 Ensure software packages have been digitally signed by a Certificate Authority (CA) - CA that is recognized and approved by the organization.
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.1.1 Audit system file permissions
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AOSX-13-000430 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - AllowIdentifiedDevelopers
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - EnableAssessment
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000710 - The macOS system must allow only applications that have a valid digital signature to run - SPApplicationsDataType
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 11 v1r5
APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 11 v1r7
APPL-12-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 12 v1r7
APPL-13-002064 - The macOS system must have the security assessment policy subsystem enabled.
Unix
DISA STIG Apple macOS 13 v1r2
AS24-U1-000230 - Expansion modules must be fully reviewed, tested, and signed before they can exist on a production Apache web server.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware
AS24-U1-000230 - Expansion modules must be fully reviewed, tested, and signed before they can exist on a production Apache web server.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r6
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Enable Gatekeeper
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-171
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Enable Gatekeeper
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
DKER-EE-001770 - Docker Incs official GPG key must be added to the host using the users operating systems respective package repository management tooling.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix v2r1
DTAVSEL-201 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source.
Unix
McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5
DTAVSEL-201 - The McAfee VirusScan Enterprise must be configured to receive all patches, service packs and updates from a DoD-managed source.
Unix
McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6
DTOO127 - Access - Application add-ins must be signed by Trusted Publisher.
Windows
DISA STIG Office 2010 Access v1r10
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher
Windows
DISA STIG Microsoft Office Access 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher
Windows
DISA STIG Microsoft Publisher 2016 v1r3
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Word 2013 v1r6
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Access 2013 v1r6
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Project 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Excel 2013 v1r7
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Word 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Visio 2013 v1r4
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Project 2013 v1r4
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Excel 2016 v1r2
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft PowerPoint 2016 v1r1
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft InfoPath 2013 v1r5
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Publisher 2013 v1r5
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft PowerPoint 2013 v1r6
DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher.
Windows
DISA STIG Microsoft Visio 2016 v1r1