CSCv7|13.2

Title

Remove Sensitive Data or Systems Not Regularly Accessed by Organization

Description

Remove sensitive data or systems not regularly accessed by the organization from the network. These systems shall only be used as stand alone systems (disconnected from the network) by the business unit needing to occasionally use the system or completely virtualized and powered off until needed.

Reference Item Details

Category: Data Protection

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.3 Disable MariaDB Command History - .mysql_historyUnixCIS MariaDB 10.6 on Linux L2 v1.1.0
1.3 Disable MariaDB Command History - ~/.mysql_historyUnixCIS MariaDB 10.6 on Linux L2 v1.1.0
1.3 Disable MySQL Command HistoryWindowsCIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0
1.3 Disable MySQL Command HistoryUnixCIS MySQL 8.0 Enterprise Linux OS L2 v1.3.0
1.3 Disable MySQL Command HistoryWindowsCIS MySQL 5.7 Community Windows OS L2 v2.0.0
1.3 Disable MySQL Command HistoryUnixCIS MySQL 8.0 Community Linux OS L2 v1.0.0
1.3 Disable MySQL Command HistoryWindowsCIS MySQL 5.6 Community Windows OS L2 v2.0.0
1.3 Disable MySQL Command HistoryWindowsCIS MySQL 5.6 Enterprise Windows OS L2 v2.0.0
1.3 Disable MySQL Command History - .mysql_historyUnixCIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - .mysql_historyUnixCIS MySQL 5.6 Community Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - .mysql_historyUnixCIS MySQL 5.7 Community Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - .mysql_historyUnixCIS MySQL 5.7 Enterprise Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - ~/.mysql_historyUnixCIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - ~/.mysql_historyUnixCIS MySQL 5.7 Community Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - ~/.mysql_historyUnixCIS MySQL 5.6 Community Linux OS L2 v2.0.0
1.3 Disable MySQL Command History - ~/.mysql_historyUnixCIS MySQL 5.7 Enterprise Linux OS L2 v2.0.0
1.5.3 Ensure core dump storage is disabledUnixCIS Amazon Linux 2023 Server L1 v1.0.0
1.5.4 Ensure core dump backtraces are disabledUnixCIS Amazon Linux 2023 Server L1 v1.0.0
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 10 L2 v1.1.0
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 10 L2 v1.1.0 Middleware
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 9 L2 v1.2.0
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 8 L2 v1.1.0 Middleware
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 9 L2 v1.2.0 Middleware
2.1 Alter the Advertised server.info StringUnixCIS Apache Tomcat 8 L2 v1.1.0
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 10 L2 v1.1.0
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 8 L2 v1.1.0
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 8 L2 v1.1.0 Middleware
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 10 L2 v1.1.0 Middleware
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 9 L2 v1.2.0
2.2 Alter the Advertised server.number StringUnixCIS Apache Tomcat 9 L2 v1.2.0 Middleware
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 10 L2 v1.1.0 Middleware
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 8 L2 v1.1.0 Middleware
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 10 L2 v1.1.0
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 8 L2 v1.1.0
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 9 L2 v1.2.0
2.3 Alter the Advertised server.built DateUnixCIS Apache Tomcat 9 L2 v1.2.0 Middleware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 9 L2 v1.2.0 Middleware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 10 L2 v1.1.0 Middleware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 8 L2 v1.1.0
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 10 L2 v1.1.0
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 8 L2 v1.1.0 Middleware
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsUnixCIS Apache Tomcat 9 L2 v1.2.0
2.5 Disable client facing Stack TracesUnixCIS Apache Tomcat 10 L1 v1.1.0
2.5 Disable client facing Stack TracesUnixCIS Apache Tomcat 10 L1 v1.1.0 Middleware
2.5 Disable client facing Stack Traces - check for defined exception typeUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
2.5 Disable client facing Stack Traces - check for defined exception typeUnixCIS Apache Tomcat 8 L1 v1.1.0
2.5 Disable client facing Stack Traces - check for defined exception typeUnixCIS Apache Tomcat 9 L1 v1.2.0
2.5 Disable client facing Stack Traces - check for defined exception typeUnixCIS Apache Tomcat 8 L1 v1.1.0 Middleware
2.12 Securely delete files as neededUnixCIS Apple macOS 10.13 L2 v1.1.0
2.12 Securely delete files as neededUnixCIS Apple macOS 10.12 L2 v1.2.0