CSCv7|14.8

Title

Encrypt Sensitive Information at Rest

Description

Encrypt all sensitive information at rest using a tool that requires a secondary authentication mechanism not integrated into the operating system, in order to access the information.

Reference Item Details

Category: Controlled Access Based on the Need to Know

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.34 Ensure that the --encryption-provider-config argument is set as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.35 Ensure that the encryption provider is set to aescbcUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.25 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.28 Ensure that the --etcd-cafile argument is set as appropriateUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.28 Ensure that the --etcd-cafile argument is set as appropriateUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.2.28 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - keyfileUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.2.29 Ensure that the --encryption-provider-config argument is set as appropriateUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.29 Ensure that the --encryption-provider-config argument is set as appropriateUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.30 Ensure that encryption providers are appropriately configuredUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
1.2.30 Ensure that encryption providers are appropriately configuredUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
1.2.31 Ensure that the --etcd-cafile argument is set as appropriateUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.2.32 Ensure that the --encryption-provider-config argument is set as appropriateUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.2.33 Ensure that encryption providers are appropriately configuredUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
1.2.33 Ensure that the --encryption-provider-config argument is set as appropriateUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.2.34 Ensure that encryption providers are appropriately configuredUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
10.19 Ensure Manager Application Passwords are EncryptedUnixCIS Apache Tomcat 9 L1 v1.1.0 Middleware
10.19 Ensure Manager Application Passwords are EncryptedUnixCIS Apache Tomcat 9 L1 v1.1.0
18.9.64.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
18.9.64.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
18.9.64.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
18.9.64.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
18.9.64.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + NG
18.9.64.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1
18.9.64.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
18.9.64.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
18.9.65.2 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Windows Server 2012 R2 DC L1 v2.5.0
18.9.65.2 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Windows Server 2012 R2 MS L1 v2.5.0
18.9.65.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
18.9.65.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
18.9.65.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
18.9.65.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
18.9.67.2 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0
18.9.67.2 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.0
18.9.67.2 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0
18.9.67.2 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0
18.9.67.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 DC
18.9.67.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 DC L1 v1.3.0
18.9.67.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 MS L1 v1.3.0
18.9.67.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 MS
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + NG
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + NG
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL
18.9.67.5 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL