CSCv6|16.1

Title

Review all system accounts and disable any account that cannot be associated with a business process and owner.

Description

Review all system accounts and disable any account that cannot be associated with a business process and owner.

Reference Item Details

Reference: CIS Critical Security Controls v6

Category: Account Monitoring and Control

Family: Application

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.2.25 Set 'Audit Policy: Logon-Logoff: Logoff' to 'Success'	Windows	CIS Windows 8 L1 v1.0.0
1.1.2.36 Set 'Audit Policy: Logon-Logoff: Other Logon/Logoff Events' to 'No Auditing'	Windows	CIS Windows 8 L1 v1.0.0
1.1.2.50 Set 'Audit Policy: Logon-Logoff: Logon' to 'Success and Failure'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.1.2 Configure 'Accounts: Rename guest account'	Windows	CIS Windows 8 L1 v1.0.0
1.1.3.1.5 Set 'Accounts: Guest account status' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
1.2.4.2.2.15 Set 'Require additional authentication at startup' to 'Enabled'	Windows	CIS Windows 8 L1 v1.0.0
2.3.1.2 Ensure 'Accounts: Guest account status' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
2.3.1.2 Ensure 'Accounts: Guest account status' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
2.3.1.3 (L1) Ensure 'Accounts: Guest account status' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.3.1.5 Configure 'Accounts: Rename guest account'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
2.3.1.5 Configure 'Accounts: Rename guest account'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
3.5 Review User-Defined Roles	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.5 Review User-Defined Roles	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - clusterAdmin	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - clusterAdmin	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - dbOwner	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - dbOwner	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - hostManager	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - hostManager	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - readWriteAnyDatabase	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - readWriteAnyDatabase	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - userAdmin	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - userAdmin	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - userAdminAnyDatabase	MongoDB	CIS MongoDB 3.2 Database Audit L2 v1.0.0
3.6 Review Superuser/Admin Roles - userAdminAnyDatabase	MongoDB	CIS MongoDB 3.4 Database Audit L2 v1.0.0
5.3.1 Ensure password creation requirements are configured - 'dcredit'	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.3.1 Ensure password creation requirements are configured - 'dcredit'	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.3.1 Ensure password creation requirements are configured - 'lcredit'	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.3.1 Ensure password creation requirements are configured - 'lcredit'	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.3.1 Ensure password creation requirements are configured - 'minlen'	Unix	CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0
5.3.1 Ensure password creation requirements are configured - 'minlen'	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
5.3.1 Ensure password creation requirements are configured - 'ocredit'	Unix	CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0
10.5 Lock Inactive User Accounts	Unix	CIS Debian Linux 7 L1 v1.0.0
10.5 Lock Inactive User Accounts	Unix	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0
17.5.2 (L1) Ensure 'Audit Logoff' is set to include 'Success'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.2 Ensure 'Audit Logoff' is set to include 'Success'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
17.5.2 Ensure 'Audit Logoff' is set to include 'Success'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
17.5.3 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.3 Ensure 'Audit Logon' is set to 'Success and Failure'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
17.5.3 Ensure 'Audit Logon' is set to 'Success and Failure'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.9.11.2.11 Ensure 'Require additional authentication at startup' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0
18.9.11.2.11 Ensure 'Require additional authentication at startup' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Bitlocker v3.2.0
18.9.11.2.11 Ensure 'Require additional authentication at startup' is set to 'Enabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.11.2.17 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.9.11.2.17 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker

Detections

Analytics

CSCv6|16.1

Title

Description

Reference Item Details

Audit Items