Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002165
CCI
CCI|CCI-002165
Title
Enforce organization-defined discretionary access control policies over defined subjects and objects.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.6.1.3 Ensure SELinux policy is configured
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation
1.6.1.3 Ensure SELinux policy is configured
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.3 Ensure SELinux policy is configured
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Server
1.6.1.3 Ensure SELinux policy is configured
Unix
CIS Amazon Linux 2 STIG v2.0.0 STIG
1.6.1.5 Ensure the SELinux mode is enforcing
Unix
CIS Amazon Linux 2 STIG v2.0.0 STIG
1.6.1.5 Ensure the SELinux mode is enforcing
Unix
CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation
1.6.1.5 Ensure the SELinux mode is enforcing
Unix
CIS Amazon Linux 2 STIG v2.0.0 L2 Server
1.6.1.5 Ensure the SELinux mode is enforcing
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.9 Ensure non-privileged users are prevented from executing privileged functions
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.9 Ensure non-privileged users are prevented from executing privileged functions
Unix
CIS Amazon Linux 2 STIG v2.0.0 STIG
1.16 UBTU-24-100500
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.25 RHEL-09-213030
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.26 RHEL-09-213035
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.61 OL08-00-010373
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.64 OL08-00-010374
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.86 UBTU-22-431010
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.309 RHEL-09-432035
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
2.006 - ACLs for system files and directories do not conform to minimum requirements. - 'C:'
Windows
DISA Windows Vista STIG v6r41
2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Program Files'
Windows
DISA Windows Vista STIG v6r41
2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Windows'
Windows
DISA Windows Vista STIG v6r41
6.1.11 Ensure no unowned files or directories exist
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation
6.1.11 Ensure no unowned files or directories exist
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.1.11 Ensure no unowned files or directories exist
Unix
CIS Amazon Linux 2 STIG v2.0.0 STIG
6.1.11 Ensure no unowned files or directories exist
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Server
6.1.12 Ensure no ungrouped files or directories exist
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation
6.1.12 Ensure no ungrouped files or directories exist
Unix
CIS Amazon Linux 2 STIG v2.0.0 STIG
6.1.12 Ensure no ungrouped files or directories exist
Unix
CIS Amazon Linux 2 STIG v2.0.0 L1 Server
6.1.12 Ensure no ungrouped files or directories exist
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-003020 - AIX must use Trusted Execution (TE) Check policy.
Unix
DISA STIG AIX 7.x v3r1
AIX7-00-003098 - AIX must allow admins to send a message to all the users who logged in currently.
Unix
DISA STIG AIX 7.x v3r1
AIX7-00-003099 - AIX must allow admins to send a message to a user who logged in currently.
Unix
DISA STIG AIX 7.x v3r1
ALMA-09-032470 - AlmaLinux OS 9 must restrict the use of the "su" command.
Unix
DISA CloudLinux AlmaLinux OS 9 STIG v1r3
AZLX-23-001005 - Amazon Linux 2023 must not be configured to bypass password requirements for privilege escalation.
Unix
DISA Amazon Linux 2023 STIG v1r1
AZLX-23-002440 - Amazon Linux 2023 must restrict the use of the "su" command.
Unix
DISA Amazon Linux 2023 STIG v1r1
AZLX-23-002535 - Amazon Linux 2023 must enable discretionary access control on hardlinks.
Unix
DISA Amazon Linux 2023 STIG v1r1
AZLX-23-002540 - Amazon Linux 2023 must enable kernel parameters to enforce discretionary access control on symlinks.
Unix
DISA Amazon Linux 2023 STIG v1r1
Big Sur - Allow Administrators to Modify Security Settings and System Attributes
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Allow Administrators to Promote Other Users to Administrator Status
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Allow Information Transfer with Other Operating Systems
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Allow Administrators to Modify Security Settings and System Attributes
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Allow Administrators to Promote Other Users to Administrator Status
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Allow Information Transfer with Other Operating Systems
Unix
NIST macOS Catalina v1.5.0 - All Profiles
CD12-00-002200 - PostgreSQL must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects.
Unix
DISA STIG Crunchy Data PostgreSQL OS v3r1
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DTOO199 - Changing permissions on rights managed content for users must be enforced.
Windows
DISA STIG Microsoft Office System 2013 v2r2
DTOO199 - Office System - Changing permissions on rights managed content for users must be enforced.
Windows
DISA STIG Office System 2010 v1r13
DTOO200 - Office System - Office must be configured to not allow read with browsers.
Windows
DISA STIG Office System 2010 v1r13
