CCI|CCI-002824

Title

The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-003096 - AIX must set Stack Execution Disable (SED) system wide mode to all.UnixDISA STIG AIX 7.x v2r6
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - All Profiles
OL07-00-040201 - The Oracle Linux operating system must implement virtual address space randomization - configUnixDISA Oracle Linux 7 STIG v2r9
OL07-00-040201 - The Oracle Linux operating system must implement virtual address space randomization - sysctlUnixDISA Oracle Linux 7 STIG v2r9
OL08-00-010420 - OL 8 must implement non-executable data to protect its memory from unauthorized code execution - /proc/cpuinfoUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-010420 - OL 8 must implement non-executable data to protect its memory from unauthorized code execution - dmesg NXUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-010430 - OL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution - configuration filesUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-010430 - OL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution - multiple filesUnixDISA Oracle Linux 8 STIG v1r2
OL08-00-010430 - OL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution - sysctlUnixDISA Oracle Linux 8 STIG v1r2
PHTN-67-000069 - The Photon operating system must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r3
RHEL-08-010420 - RHEL 8 must implement non-executable data to protect its memory from unauthorized code execution - /proc/cpuinfoUnixDISA Red Hat Enterprise Linux 8 STIG v1r7
RHEL-08-010420 - RHEL 8 must implement non-executable data to protect its memory from unauthorized code execution - dmesg NXUnixDISA Red Hat Enterprise Linux 8 STIG v1r7
RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution - conf filesUnixDISA Red Hat Enterprise Linux 8 STIG v1r7
RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution - sysctlUnixDISA Red Hat Enterprise Linux 8 STIG v1r7
SLES-12-030320 - The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses.UnixDISA SLES 12 STIG v2r7
SLES-12-030330 - Address space layout randomization (ASLR) must be implemented by the SUSE operating system to protect memory from unauthorized code execution.UnixDISA SLES 12 STIG v2r7
SLES-15-010540 - The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses.UnixDISA SLES 15 STIG v1r6
SLES-15-010550 - Address space layout randomization (ASLR) must be implemented by the SUSE operating system to protect memory from unauthorized code execution.UnixDISA SLES 15 STIG v1r6
UBTU-16-030130 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-030140 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010513 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 18.04 LTS v2r8
UBTU-18-010514 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - /etc/sysctl.conf /etc/sysctl.dUnixDISA STIG Ubuntu 18.04 LTS v2r8
UBTU-18-010514 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - /proc/sys/kernel/randomize_va_spaceUnixDISA STIG Ubuntu 18.04 LTS v2r8
UBTU-18-010514 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - sysctlUnixDISA STIG Ubuntu 18.04 LTS v2r8
UBTU-20-010447 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 20.04 LTS v1r5
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - procUnixDISA STIG Ubuntu 20.04 LTS v1r5
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - sysctlUnixDISA STIG Ubuntu 20.04 LTS v1r5
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 20.04 LTS v1r5
WINCC-000078 - EMET system-wide Address Space Layout Randomization (ASLR) must be enabled and configured to Application Opt In.WindowsDISA Windows Vista STIG v6r41
WINCC-000079 - EMET Default Protections for Internet Explorer must be enabled.WindowsDISA Windows Vista STIG v6r41
WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - Acrobat.exeWindowsDISA Windows Vista STIG v6r41
WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - AcroRd32.exeWindowsDISA Windows Vista STIG v6r41
WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - EXCEL.EXEWindowsDISA Windows Vista STIG v6r41