CCI|CCI-002696

Title

Verify correct operation of organization-defined security functions.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

Name	Plugin	Audit Name
1.3.1.5 Ensure the SELinux mode is enforcing	Unix	CIS Rocky Linux 10 v1.0.0 L2 Workstation
1.3.1.5 Ensure the SELinux mode is enforcing	Unix	CIS Rocky Linux 10 v1.0.0 L2 Server
1.6 UBTU-24-100100	Unix	CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.6.1.3 Ensure SELinux policy is configured	Unix	CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation
1.6.1.3 Ensure SELinux policy is configured	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.6.1.3 Ensure SELinux policy is configured	Unix	CIS Amazon Linux 2 STIG v2.0.0 STIG
1.6.1.3 Ensure SELinux policy is configured	Unix	CIS Amazon Linux 2 STIG v2.0.0 L1 Server
1.6.1.5 Ensure the SELinux mode is enforcing	Unix	CIS Amazon Linux 2 STIG v2.0.0 STIG
1.6.1.5 Ensure the SELinux mode is enforcing	Unix	CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation
1.6.1.5 Ensure the SELinux mode is enforcing	Unix	CIS Amazon Linux 2 STIG v2.0.0 L2 Server
1.6.1.5 Ensure the SELinux mode is enforcing	Unix	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.7 UBTU-24-100110	Unix	CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.56 OL08-00-010359	Unix	CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.82 OL08-00-010450	Unix	CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.111 UBTU-22-651010	Unix	CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.112 UBTU-22-651015	Unix	CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.152 APPL-14-005100	Unix	CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.298 RHEL-09-431010	Unix	CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I
1.299 RHEL-09-431015	Unix	CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.351 RHEL-09-651010	Unix	CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
ALMA-09-045230 - AlmaLinux OS 9 must enable the SELinux targeted policy.	Unix	DISA CloudLinux AlmaLinux OS 9 STIG v1r4
ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.	Unix	DISA CloudLinux AlmaLinux OS 9 STIG v1r4
APPL-14-005100 - The macOS system must ensure secure boot level set to full.	Unix	DISA Apple macOS 14 Sonoma STIG v2r4
APPL-15-005100 - The macOS system must ensure Secure Boot level is set to "full".	Unix	DISA Apple macOS 15 Sequoia STIG v1r5
APPL-26-005100 - The macOS system must ensure Secure Boot level is set to "full".	Unix	DISA Apple macOS 26 Tahoe STIG v1r1
AZLX-23-001060 - Amazon Linux 2023 must have the Advanced Intrusion Detection Environment (AIDE) package installed.	Unix	DISA Amazon Linux 2023 STIG v1r2
AZLX-23-002445 - Amazon Linux 2023 must enable the SELinux targeted policy.	Unix	DISA Amazon Linux 2023 STIG v1r2
AZLX-23-002450 - Amazon Linux 2023 must use a Linux Security Module configured to enforce limits on system services.	Unix	DISA Amazon Linux 2023 STIG v1r2
ESXI-80-000085 - The ESXi host must implement Secure Boot enforcement.	Unix	DISA VMware vSphere 8.0 ESXi STIG v2r3 Unix
GEN006570 - The file integrity tool must be configured to verify ACLs - config	Unix	DISA STIG Solaris 10 X86 v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs - config	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs - used	Unix	DISA STIG Solaris 10 X86 v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs - used	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN006570 - The file integrity tool must be configured to verify ACLs.	Unix	DISA STIG for Oracle Linux 5 v2r1
GEN006571 - The file integrity tool must be configured to verify extended attributes - config	Unix	DISA STIG Solaris 10 X86 v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes - config	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes - used	Unix	DISA STIG Solaris 10 SPARC v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes - used	Unix	DISA STIG Solaris 10 X86 v2r4
GEN006571 - The file integrity tool must be configured to verify extended attributes.	Unix	DISA STIG for Oracle Linux 5 v2r1
OL07-00-020029 - The Oracle Linux operating system must use a file integrity tool to verify correct operation of all security functions.	Unix	DISA Oracle Linux 7 STIG v3r3
OL07-00-020029 - The Oracle Linux operating system must use a file integrity tool to verify correct operation of all security functions.	Unix	DISA Oracle Linux 7 STIG v3r5
OL07-00-020210 - The Oracle Linux operating system must enable SELinux.	Unix	DISA Oracle Linux 7 STIG v3r3
OL07-00-020210 - The Oracle Linux operating system must enable SELinux.	Unix	DISA Oracle Linux 7 STIG v3r5
OL07-00-020220 - The Oracle Linux operating system must enable the SELinux targeted policy.	Unix	DISA Oracle Linux 7 STIG v3r5
OL07-00-020220 - The Oracle Linux operating system must enable the SELinux targeted policy.	Unix	DISA Oracle Linux 7 STIG v3r3
OL08-00-010359 - The OL 8 operating system must use a file integrity tool to verify correct operation of all security functions.	Unix	DISA Oracle Linux 8 STIG v2r6
OL08-00-010450 - OL 8 must enable the SELinux targeted policy.	Unix	DISA Oracle Linux 8 STIG v2r6
OL09-00-000060 - OL 9 must use a Linux Security Module configured to enforce limits on system services.	Unix	DISA Oracle Linux 9 STIG v1r3
OL09-00-000065 - OL 9 must enable the SELinux targeted policy.	Unix	DISA Oracle Linux 9 STIG v1r3
OL09-00-000300 - OL 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.	Unix	DISA Oracle Linux 9 STIG v1r3

Detections

Analytics

CCI|CCI-002696

Title

Reference Item Details

Audit Items