Detections
Analytics

CSCv6|12

Title

Boundary Defense

Description

Boundary Defense

Reference Item Details

Category: Boundary Defense

Family: Network

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Use a Split-Horizon ArchitectureUnixCIS BIND DNS v3.0.1 Caching Only Name Server
1.1 Use a Split-Horizon ArchitectureUnixCIS BIND DNS v3.0.1 Authoritative Name Server
1.1 Use a Split-Horizon ArchitectureUnixCIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.1 Use a Split-Horizon ArchitectureUnixCIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.2.1.2 Configure 'Minimize the number of simultaneous connections to the Internet or a Windows DomainWindowsCIS Windows 8 L1 v1.0.0
1.2.1.3 Configure 'Prohibit connection to non-domain networks when connected to domain authenticated network'WindowsCIS Windows 8 L1 v1.0.0
1.4 Use Secure Upstream Caching DNS ServersUnixCIS BIND DNS v1.0.0 L2 Caching Only Name Server
1.4 Use Secure Upstream Caching DNS ServersUnixCIS BIND DNS v3.0.1 Caching Only Name Server
1.6.7 Configure Network policies as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L2
1.6.7 Configure Network policies as appropriateUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L2
1.6.8 Configure Network policies as appropriateUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L2
1.6.8 Configure Network policies as appropriateUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L2
3.9 Ensure that SharePoint application servers are protected by a reverse proxyWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
3.9 Ensure that SharePoint application servers are protected by a reverse proxyWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
3.11 Ensure that the SharePoint Central Administration interface is not hosted in the DMZ.WindowsCIS Microsoft SharePoint 2016 OS v1.1.0
3.11 Ensure that the SharePoint Central Administration interface is not hosted in the DMZ.WindowsCIS Microsoft SharePoint 2019 OS v1.0.0
4.1 Ensure 'Antivirus Update Schedule' is set to download and install updates hourlyPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every 15 minutesPalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every 15 minutesPalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
5.7 Ensure 'WildFire Update Schedule' is set to download and install updates every minutePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.9 Ensure the host's network namespace is not sharedUnixCIS Docker Community Edition v1.1.0 L1 Docker
5.30 Ensure the host's user namespaces is not sharedUnixCIS Docker Community Edition v1.1.0 L1 Docker
8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - Invalid CategoriesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured - PoliciesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLSPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
18.5.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 1 = Minimize simultaneous connections'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.5.21.2 (L1) Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 1903 v1.19.9
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 v21H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 1909 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 1803 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 v2004 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 v1507 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 1809 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated networkWindowsMSCT Windows 10 v20H2 v1.0.0