CSCv6|14.6

Title

Enforce detailed audit logging for access to nonpublic data and special authentication for sensitive data.

Description

Enforce detailed audit logging for access to nonpublic data and special authentication for sensitive data.

Reference Item Details

Category: Controlled Access Based on the Need to Know

Family: Application

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.5 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker v1.3.1 L2 Linux Host OS
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.7 Ensure auditing is configured for Docker files and directories - docker.serviceUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.9 Ensure auditing is configured for Docker files and directories - docker.socketUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/dockerUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.jsonUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.13 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/dockerUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerdUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runcUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.36 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditingUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.36 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-file contentsUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.36 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-file parameterUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.37 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - @AUDIT_POLICY_FILE@UnixCIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditingUnixCIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditingUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditingUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AUDIT_POLICY_FILEUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-fileUnixCIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-fileUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-file contentsUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-file parameterUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.38 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.0 L1
1.1.38 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.38 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.2.4 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker v1.2.0 L2 Linux Host OS
1.2.5 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.6 Ensure auditing is configured for Docker files and directories - docker.serviceUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.7 Ensure auditing is configured for Docker files and directories - docker.socketUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.8 Ensure auditing is configured for Docker files and directories - /etc/default/dockerUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.9 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/dockerUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.10 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.jsonUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.11 Ensure auditing is configured for Docker files and directories - /usr/bin/containerdUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.12 Ensure auditing is configured for Docker files and directories - /usr/sbin/runcUnixCIS Docker v1.2.0 L1 Linux Host OS
1.2.25 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes v1.20 Benchmark v1.0.0 L1 Master
1.2.26 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.2.26 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes Benchmark v1.5.1 L1
1.6 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.7 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.8 Ensure auditing is configured for Docker files and directories - docker.serviceUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.9 Ensure auditing is configured for Docker files and directories - docker.socketUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.10 Ensure auditing is configured for Docker files and directories - /etc/default/dockerUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.jsonUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.12 Ensure auditing is configured for Docker files and directories - /usr/bin/docker-containerdUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
1.13 Ensure auditing is configured for Docker files and directories - /usr/bin/docker-runcUnixCIS Docker Community Edition v1.1.0 L1 Linux Host OS
2.2.2 Ensure that the audit policy covers key security concernsGCPCIS Google Kubernetes Engine (GKE) v1.1.0 L2 Master
2.3.10.8 Configure 'Network access: Remotely accessible registry paths'WindowsCIS Windows Server 2012 R2 MS L1 v2.4.0
2.3.10.8 Configure 'Network access: Remotely accessible registry paths'WindowsCIS Windows Server 2012 DC L1 v2.2.0
2.3.10.8 Configure 'Network access: Remotely accessible registry paths'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
2.3.10.8 Configure 'Network access: Remotely accessible registry paths'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.2.0