CSCv6|18.9

Title

For in-house developed applications, ensure that development artifacts are not included in the deployed software, or accessible in the production environment.

Description

For in-house developed applications, ensure that development artifacts (sample data and scripts; unused libraries, components, debug code; or tools) are not included in the deployed software, or accessible in the production environment.

Reference Item Details

Category: Application Software Security

Family: Application

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1.1 Ensure 'extproc' Is Not Present in 'listener.ora'UnixCIS Oracle Server 19c Linux v1.0.0
2.1.1 Ensure 'extproc' Is Not Present in 'listener.ora'WindowsCIS Oracle Server 19c Windows v1.0.0
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'UnixCIS Oracle Server 12c Linux v2.1.0
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'UnixCIS Oracle Server 12c Linux v3.0.0
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'WindowsCIS Oracle Server 12c Windows v3.0.0
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'WindowsCIS Oracle Server 12c Windows v2.1.0
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'UnixCIS Oracle Server 18c Linux v1.0.0
2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'WindowsCIS Oracle Server 18c Windows v1.0.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2012 Database L1 DB v1.6.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2014 Database L1 DB v1.5.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2016 Database L1 DB v1.3.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2017 Database L1 AWS RDS v1.2.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2019 Database L1 AWS RDS v1.2.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2019 Database L1 DB v1.2.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2017 Database L1 DB v1.2.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2012 Database L1 AWS RDS v1.6.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2014 Database L1 AWS RDS v1.5.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'MS_SQLDBCIS SQL Server 2016 Database L1 AWS RDS v1.3.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.2 L1 v3.6.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.2 L2 v3.6.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.4 L1 v1.5.0 Middleware
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.4 L2 v1.5.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.2 L1 v3.5.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.4 L1 v1.5.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.4 L1 v2.0.0
3.7 Ensure the Core Dump Directory Is SecuredUnixCIS Apache HTTP Server 2.4 L1 v2.0.0 Middleware
4.1 Ensure All Default Passwords Are ChangedOracleDBCIS Oracle Server 12c DB Traditional Auditing v3.0.0
4.1 Ensure All Default Passwords Are ChangedOracleDBCIS Oracle Server 12c DB Unified Auditing v3.0.0
4.2 Ensure All Sample Data And Users Have Been RemovedOracleDBCIS Oracle Server 12c DB Unified Auditing v3.0.0
4.2 Ensure All Sample Data And Users Have Been RemovedOracleDBCIS Oracle Server 18c DB Unified Auditing v1.1.0
4.2 Ensure All Sample Data And Users Have Been RemovedOracleDBCIS Oracle Server 12c DB Traditional Auditing v3.0.0
4.2 Ensure All Sample Data And Users Have Been RemovedOracleDBCIS Oracle Server 18c DB Traditional Auditing v1.0.0
4.2 Ensure All Sample Data And Users Have Been RemovedOracleDBCIS Oracle Server 18c DB Unified Auditing v1.0.0
4.2 Ensure All Sample Data And Users Have Been RemovedOracleDBCIS Oracle Server 18c DB Traditional Auditing v1.1.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.2 L1 v3.6.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v1.5.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v2.0.0 Middleware
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v2.0.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.2 L2 v3.6.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.4 L2 v1.5.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.2 L1 v3.5.0
5.4 Ensure Default HTML Content Is Removed - 'Server Information handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v1.5.0 Middleware
5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist'UnixCIS Apache HTTP Server 2.2 L1 v3.6.0
5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v2.0.0
5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist'UnixCIS Apache HTTP Server 2.4 L2 v1.5.0
5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v2.0.0 Middleware
5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist'UnixCIS Apache HTTP Server 2.4 L1 v1.5.0
5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist'UnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware