Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002385
CCI
CCI|CCI-002385
Title
Protect against or limit the effects of organization-defined types of denial of service events.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
3.097 - The system is configured for a greater keep-alive time than recommended.
Windows
DISA Windows 7 STIG v1r32
3.097 - The system is configured for a greater keep-alive time than recommended.
Windows
DISA Windows Server 2008 DC STIG v6r47
3.097 - The system is configured for a greater keep-alive time than recommended.
Windows
DISA Windows Server 2008 MS STIG v6r46
3.097 - The system is configured for a greater keep-alive time than recommended.
Windows
DISA Windows Vista STIG v6r41
3.097 - The system will be configured to limit how often keep-alive packets are sent.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
3.097 - The system will be configured to limit how often keep-alive packets are sent.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.
Windows
DISA Windows Vista STIG v6r41
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.
Windows
DISA Windows Server 2008 MS STIG v6r46
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.
Windows
DISA Windows 7 STIG v1r32
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.
Windows
DISA Windows Server 2008 DC STIG v6r47
3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
3.104 - The system is configured to detect and configure default gateway addresses.
Windows
DISA Windows 7 STIG v1r32
3.104 - The system is configured to detect and configure default gateway addresses.
Windows
DISA Windows Server 2008 MS STIG v6r46
3.104 - The system is configured to detect and configure default gateway addresses.
Windows
DISA Windows Vista STIG v6r41
3.104 - The system is configured to detect and configure default gateway addresses.
Windows
DISA Windows Server 2008 DC STIG v6r47
3.104 - The system will be configured to disable the Internet Router Discover Protocol (IRDP).
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
3.104 - The system will be configured to disable the Internet Router Discover Protocol (IRDP).
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
3.156 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
3.156 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.
Windows
DISA Windows 7 STIG v1r32
3.156 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
4.510 - The system must protect against or limit the effects of Denial of Service (DoS) attacks by validating the operating system is implementing rate-limiting measures on impacted network interfaces - sysctl
Unix
Tenable Fedora Linux Best Practices v2.0.0
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.
Windows
DISA Windows Server 2008 DC STIG v6r47
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.
Windows
DISA Windows Vista STIG v6r41
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.
Windows
DISA Windows Server 2008 MS STIG v6r46
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
5.098 - The system must limit how many times unacknowledged TCP data is retransmitted.
Windows
DISA Windows 7 STIG v1r32
5.239 - Disable heap termination on corruption in Windows Explorer.
Windows
DISA Windows 7 STIG v1r32
5.239 - Windows Explorer - Heap Termination
Windows
DISA Windows Vista STIG v6r41
5.239 - Windows Explorer - Heap Termination
Windows
DISA Windows Server 2008 DC STIG v6r47
5.239 - Windows Explorer - Heap Termination
Windows
DISA Windows Server 2008 MS STIG v6r46
5.239 - Windows Explorer heap termination on corruption will be disabled.
Windows
DISA Windows Server 2008 R2 DC STIG v1r34
5.239 - Windows Explorer heap termination on corruption will be disabled.
Windows
DISA Windows Server 2008 R2 MS STIG v1r33
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces
Unix
DISA STIG AIX 7.x v2r8
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces
Unix
DISA STIG AIX 7.x v2r9
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_core
Unix
DISA STIG AIX 7.x v2r3
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_core
Unix
DISA STIG AIX 7.x v2r5
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_core
Unix
DISA STIG AIX 7.x v2r1
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - bos.net.tcp.client_core
Unix
DISA STIG AIX 7.x v2r6
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_conns
Unix
DISA STIG AIX 7.x v2r5
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_conns
Unix
DISA STIG AIX 7.x v2r3
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_conns
Unix
DISA STIG AIX 7.x v2r1
AIX7-00-003097 - AIX must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring AIX is implementing rate-limiting measures on impacted network interfaces - clean_partial_conns
Unix
DISA STIG AIX 7.x v2r6
AMLS-L3-000260 - Arista MLS must ensure all eBGP routers are configured to use GTSM or are configured to meet RFC3682.
Arista
DISA STIG Arista MLS DCS-7000 Series RTR V1R2
AMLS-L3-000260 - The Arista Multilayer Switch must ensure all Exterior Border Gateway Protocol (eBGP) routers are configured to use Generalized TTL Security Mechanism (GTSM) or are configured to meet RFC3682.
Arista
DISA STIG Arista MLS DCS-7000 Series RTR v1r3
AMLS-L3-000260 - The Arista Multilayer Switch must ensure all Exterior Border Gateway Protocol (eBGP) routers are configured to use Generalized TTL Security Mechanism (GTSM) or are configured to meet RFC3682.
Arista
DISA STIG Arista MLS DCS-7000 Series RTR v1r4
ARST-L2-000030 - The Arista MLS layer 2 switch must be configured for Storm Control to limit the effects of packet flooding types of denial-of-service (DoS) attacks.
Arista
DISA STIG Arista MLS EOS 4.2x L2S v1r1
ARST-L2-000030 - The Arista MLS layer 2 switch must be configured for Storm Control to limit the effects of packet flooding types of denial-of-service (DoS) attacks.
Arista
DISA STIG Arista MLS EOS 4.2x L2S v2r1
ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts.
Arista
DISA STIG Arista MLS EOS 4.2x L2S v1r1