CSCv6|5.8

Title

Administrators should be required to access a system using a fully logged and non-administrative account.

Description

Administrators should be required to access a system using a fully logged and non-administrative account. Then, once logged on to the machine without administrative privileges, the administrator should transition to administrative privileges using tools such as Sudo on Linux/UNIX, RunAs on Windows, and other similar facilities for other types of systems.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Family: System

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| 1.1.2.44 Set 'Audit Policy: Logon-Logoff: Special Logon' to 'Success' | Windows | CIS Windows 8 L1 v1.0.0 |
| 4.1 Ensure sudo is configured correctly | Unix | CIS PostgreSQL 9.6 OS v1.0.0 |
| 4.1 Ensure sudo is configured correctly | Unix | CIS PostgreSQL 11 OS v1.0.0 |
| 4.1 Ensure sudo is configured correctly | Unix | CIS PostgreSQL 9.5 OS v1.1.0 |
| 4.1 Ensure sudo is configured correctly | Unix | CIS PostgreSQL 10 OS v1.0.0 |
| 4.6 Ensure the set_user extension is installed | PostgreSQLDB | CIS PostgreSQL 9.6 DB v1.0.0 |
| 4.7 Ensure the set_user extension is installed | PostgreSQLDB | CIS PostgreSQL 9.5 DB v1.1.0 |
| 4.7 Ensure the set_user extension is installed | PostgreSQLDB | CIS PostgreSQL 10 DB v1.0.0 |
| 4.7 Ensure the set_user extension is installed | PostgreSQLDB | CIS PostgreSQL 11 DB v1.0.0 |
| 5.2.8 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 |
| 5.2.8 Ensure SSH root login is disabled | Unix | CIS Amazon Linux v2.1.0 L1 |
| 5.2.8 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Distribution Independent Linux Workstation L1 v2.0.0 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Debian 8 Server L1 v2.0.2 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Distribution Independent Linux Server L1 v2.0.0 |
| 5.2.10 Ensure SSH root login is disabled | Unix | CIS Debian 8 Workstation L1 v2.0.2 |
| 5.2.14 Ensure SSH access is limited | Unix | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 |
| 5.2.14 Ensure SSH access is limited | Unix | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 |
| 5.2.14 Ensure SSH access is limited | Unix | CIS Amazon Linux v2.1.0 L1 |
| 5.2.18 Ensure SSH access is limited | Unix | CIS Debian 8 Workstation L1 v2.0.2 |
| 5.2.18 Ensure SSH access is limited | Unix | CIS Debian 8 Server L1 v2.0.2 |
| 5.2.18 Ensure SSH access is limited | Unix | CIS Distribution Independent Linux Workstation L1 v2.0.0 |
| 5.2.18 Ensure SSH access is limited | Unix | CIS Distribution Independent Linux Server L1 v2.0.0 |
| 5.3.10 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.1.0 |
| 5.3.10 Ensure SSH root login is disabled | Unix | CIS Ubuntu Linux 18.04 LTS Server L1 v2.1.0 |
| 5.3.11 Ensure SSH root login is disabled | Unix | CIS Red Hat 6 Server L1 v3.0.0 |
| 5.3.11 Ensure SSH root login is disabled | Unix | CIS Red Hat 6 Workstation L1 v3.0.0 |
| 5.3.11 Ensure SSH root login is disabled | Unix | CIS Oracle Linux 6 Server L1 v2.0.0 |
| 5.3.11 Ensure SSH root login is disabled | Unix | CIS Oracle Linux 6 Workstation L1 v2.0.0 |
| 5.3.11 Ensure SSH root login is disabled | Unix | CIS CentOS 6 Server L1 v3.0.0 |
| 5.3.11 Ensure SSH root login is disabled | Unix | CIS CentOS 6 Workstation L1 v3.0.0 |
| 17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker |
| 17.5.5 Ensure 'Audit Special Logon' is set to include 'Success' | Windows | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 |
| 17.5.5 Ensure 'Audit Special Logon' is set to include 'Success' | Windows | CIS Windows 7 Workstation Level 1 v3.2.0 |
| 18.3.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker |
| 18.3.1 Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' | Windows | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 |
| 18.3.1 Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' | Windows | CIS Windows 7 Workstation Level 1 v3.2.0 |
| Apply UAC restrictions to local accounts on network logon | Windows | MSCT Windows Server 2016 MS v1.0.0 |
| Apply UAC restrictions to local accounts on network logon | Windows | MSCT Windows Server 2012 R2 MS v1.0.0 |
| Apply UAC restrictions to local accounts on network logon | Windows | MSCT Windows 10 v1507 v1.0.0 |
| Apply UAC restrictions to local accounts on network logon | Windows | MSCT Windows 10 1803 v1.0.0 |
| Apply UAC restrictions to local accounts on network logons | Windows | MSCT Windows Server v2004 MS v1.0.0 |
| Apply UAC restrictions to local accounts on network logons | Windows | MSCT Windows Server 1903 MS v1.19.9 |
| Apply UAC restrictions to local accounts on network logons | Windows | MSCT Windows Server v1909 MS v1.0.0 |
| Apply UAC restrictions to local accounts on network logons | Windows | MSCT Windows Server 2019 MS v1.0.0 |
| Apply UAC restrictions to local accounts on network logons | Windows | MSCT Windows 10 v2004 v1.0.0 |
| Apply UAC restrictions to local accounts on network logons | Windows | MSCT Windows 10 1909 v1.0.0 |