CCI|CCI-001813

Title

The information system enforces access restrictions.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.4.4 Ensure boot loader does not allow removable mediaUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.10 Ensure system device files are labeled - device_tUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.10 Ensure system device files are labeled - unlabeled_tUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.2.21 Ensure the TFTP server has not been installed - TFTP server package installed if not required for operational support.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.30 Ensure SSH does not permit GSSAPI - GSSAPI authentication unless needed.UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.31 Ensure SSH does not permit Kerberos authenticationUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.5.9 Ensure local interactive user accounts umask is 077UnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AADC-CL-000840 - Adobe Acrobat Pro DC Classic privileged file and folder locations must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CL-001325 - Adobe Acrobat Pro DC Classic privileged host locations must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CN-000840 - Adobe Acrobat Pro DC Continuous privileged file and folder locations must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
AADC-CN-001325 - Adobe Acrobat Pro DC Continuous privileged host locations must be disabled.WindowsDISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
ADBP-XI-000840 - Adobe Acrobat Pro XI privileged file and folder locations must be disabled.WindowsDISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-001325 - Adobe Acrobat Pro XI privileged site locations must be disabled.WindowsDISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-001330 - Adobe Acrobat Pro XI privileged host locations must be disabled.WindowsDISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-001335 - Adobe Acrobat Pro XI certified document trust must be disabled.WindowsDISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/groupUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/audit/configUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/environUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/groupUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/limitsUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/login.cfgUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/passwd readUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/passwd writeUnixDISA STIG AIX 7.x v2r6
AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events - /etc/security/userUnixDISA STIG AIX 7.x v2r6
AOSX-13-000554 - The macOS system must not have a guest account - Guest accountUnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000554 - The macOS system must not have a guest account - Guest fdesetupUnixDISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002063 - The macOS system must disable the guest account.UnixDISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002063 - The macOS system must enforce access restrictions.UnixDISA STIG Apple Mac OSX 10.15 v1r8
APPL-11-002063 - The macOS system must enforce access restrictions.UnixDISA STIG Apple macOS 11 v1r5
APPL-11-002063 - The macOS system must enforce access restrictions.UnixDISA STIG Apple macOS 11 v1r6
APPL-12-002063 - The macOS system must enforce access restrictions.UnixDISA STIG Apple macOS 12 v1r3
ARDC-CL-000315 - Adobe Reader DC must disable the ability to add Trusted Files and Folders.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000320 - Adobe Reader DC must disable the ability to specify Host-Based Privileged Locations.WindowsDISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000315 - Adobe Reader DC must disable the ability to add Trusted Files and Folders.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000320 - Adobe Reader DC must disable the ability to elevate IE Trusts to Privileged Locations.WindowsDISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U1-000440 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.UnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000440 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.UnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users.UnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users.UnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-W1-000280 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.WindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W2-000440 - Anonymous user access to the Apache web server application directories must be prohibited.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Disable the Guest AccountUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High