Detections
Analytics

CCI|CCI-002235

Title

The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.6.1.9 Ensure non-privileged users are prevented from executing privileged functionsUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows 7 STIG v1r32
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 MS STIG v6r46
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 DC STIG v6r47
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Vista STIG v6r41
3.030 - Anonymous access to the registry must be restricted - reg checkWindowsDISA Windows Server 2008 MS STIG v6r46
3.030 - Anonymous access to the registry must be restricted - reg checkWindowsDISA Windows Server 2008 DC STIG v6r47
3.030 - Anonymous access to the registry must be restricted - reg checkWindowsDISA Windows Server 2008 R2 DC STIG v1r34
3.030 - Anonymous access to the registry must be restricted - reg checkWindowsDISA Windows Server 2008 R2 MS STIG v1r33
3.030 - Anonymous access to the registry must be restricted - registry key existWindowsDISA Windows 7 STIG v1r32
3.030 - Anonymous access to the registry must be restricted - registry key permissionsWindowsDISA Windows 7 STIG v1r32
3.030 - Anonymous access to the registry must be restricted.WindowsDISA Windows Server 2008 DC STIG v6r47
3.030 - Anonymous access to the registry must be restricted.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
3.030 - Anonymous access to the registry must be restricted.WindowsDISA Windows Vista STIG v6r41
3.030 - Anonymous access to the registry must be restricted.WindowsDISA Windows Server 2008 MS STIG v6r46
3.030 - Anonymous access to the registry must be restricted.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
4.005 - Unapproved Users have access to Debug programs.WindowsDISA Windows Server 2008 MS STIG v6r46
4.005 - Unapproved Users have access to Debug programs.WindowsDISA Windows Vista STIG v6r41
4.005 - Unapproved Users have access to Debug programs.WindowsDISA Windows Server 2008 DC STIG v6r47
4.009 - Unauthorized users are granted right to Act as part of the operating system.WindowsDISA Windows Server 2008 DC STIG v6r47
4.009 - Unauthorized users are granted right to Act as part of the operating system.WindowsDISA Windows Vista STIG v6r41
4.009 - Unauthorized users are granted right to Act as part of the operating system.WindowsDISA Windows Server 2008 MS STIG v6r46
4.027 - Only administrators responsible for the system must have Administrator rights on the system.WindowsDISA Windows 7 STIG v1r32
4.027 - Only administrators responsible for the system must have Administrator rights on the system.WindowsDISA Windows Vista STIG v6r41
4.027-DC - Only administrators responsible for the system must have Administrator rights on the system.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
4.027-DC - Only administrators responsible for the system must have Administrator rights on the system.WindowsDISA Windows Server 2008 DC STIG v6r47
4.027-MS - Only administrators responsible for the system must have Administrator rights on the system.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
4.027-MS - Only administrators responsible for the system must have Administrator rights on the system.WindowsDISA Windows Server 2008 MS STIG v6r46
6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor valuesUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AD.3058_2008 - The Server Operators group must have the ability to schedule jobs by means of the AT command disabled.WindowsDISA Windows Server 2008 DC STIG v6r47
AD.3058_2008_R2 - The Server Operators group must have the ability to schedule jobs by means of the AT command disabled.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
APPL-12-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.UnixDISA STIG Apple macOS 12 v1r8
APPL-13-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.UnixDISA STIG Apple macOS 13 v1r4
APPL-13-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.UnixDISA STIG Apple macOS 13 v1r3
APPL-14-002069 - The macOS system must require administrator privileges to modify systemwide settings.UnixDISA Apple macOS 14 (Sonoma) STIG v1r2
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r7 Middleware
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r3
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r3 Middleware
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r6
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r7
AS24-U1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Server v2r6 Middleware
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Site v2r1
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.UnixDISA STIG Apache Server 2.4 Unix Site v2r1 Middleware
AS24-W1-000690 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account.WindowsDISA STIG Apache Server 2.4 Windows Server v2r1