Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002235
CCI
CCI|CCI-002235
Title
The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.6.1.9 Ensure non-privileged users are prevented from executing privileged functions
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.
Windows
DISA Windows 7 STIG v1r32
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.
Windows
DISA Windows Server 2008 MS STIG v6r46
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.
Windows
DISA Windows Server 2008 DC STIG v6r47
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.
Windows
DISA Windows Vista STIG v6r41
3.030 - Anonymous access to the registry must be restricted - reg check
Windows
DISA Windows Server 2008 MS STIG v6r46
3.030 - Anonymous access to the registry must be restricted - reg check
Windows
DISA Windows Server 2008 DC STIG v6r47
3.030 - Anonymous access to the registry must be restricted - reg check
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
3.030 - Anonymous access to the registry must be restricted - reg check
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
3.030 - Anonymous access to the registry must be restricted - registry key exist
Windows
DISA Windows 7 STIG v1r32
3.030 - Anonymous access to the registry must be restricted - registry key permissions
Windows
DISA Windows 7 STIG v1r32
3.030 - Anonymous access to the registry must be restricted.
Windows
DISA Windows Server 2008 DC STIG v6r47
3.030 - Anonymous access to the registry must be restricted.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
3.030 - Anonymous access to the registry must be restricted.
Windows
DISA Windows Vista STIG v6r41
3.030 - Anonymous access to the registry must be restricted.
Windows
DISA Windows Server 2008 MS STIG v6r46
3.030 - Anonymous access to the registry must be restricted.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
4.005 - Unapproved Users have access to Debug programs.
Windows
DISA Windows Server 2008 MS STIG v6r46
4.005 - Unapproved Users have access to Debug programs.
Windows
DISA Windows Vista STIG v6r41
4.005 - Unapproved Users have access to Debug programs.
Windows
DISA Windows Server 2008 DC STIG v6r47
4.009 - Unauthorized users are granted right to Act as part of the operating system.
Windows
DISA Windows Server 2008 DC STIG v6r47
4.009 - Unauthorized users are granted right to Act as part of the operating system.
Windows
DISA Windows Vista STIG v6r41
4.009 - Unauthorized users are granted right to Act as part of the operating system.
Windows
DISA Windows Server 2008 MS STIG v6r46
4.027 - Only administrators responsible for the system must have Administrator rights on the system.
Windows
DISA Windows 7 STIG v1r32
4.027 - Only administrators responsible for the system must have Administrator rights on the system.
Windows
DISA Windows Vista STIG v6r41
4.027-DC - Only administrators responsible for the system must have Administrator rights on the system.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
4.027-DC - Only administrators responsible for the system must have Administrator rights on the system.
Windows
DISA Windows Server 2008 DC STIG v6r47
4.027-MS - Only administrators responsible for the system must have Administrator rights on the system.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
4.027-MS - Only administrators responsible for the system must have Administrator rights on the system.
Windows
DISA Windows Server 2008 MS STIG v6r46
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AD.3058_2008 - The Server Operators group must have the ability to schedule jobs by means of the AT command disabled.
Windows
DISA Windows Server 2008 DC STIG v6r47
AD.3058_2008_R2 - The Server Operators group must have the ability to schedule jobs by means of the AT command disabled.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
APPL-12-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
Unix
DISA STIG Apple macOS 12 v1r8
APPL-13-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
Unix
DISA STIG Apple macOS 13 v1r4
APPL-13-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
Unix
DISA STIG Apple macOS 13 v1r3
APPL-14-002069 - The macOS system must require administrator privileges to modify systemwide settings.
Unix
DISA Apple macOS 14 (Sonoma) STIG v1r2
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r7 Middleware
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r3
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r6
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r7
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r1
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r1 Middleware
AS24-W1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.
Windows
DISA STIG Apache Server 2.4 Windows Server v2r1