CSCv7|14.9

Title

Enforce Detail Logging for Access or Changes to Sensitive Data

Description

Enforce detailed audit logging for access to sensitive data or changes to sensitive data (utilizing tools such as File Integrity Monitoring or Security Information and Event Monitoring).

Reference Item Details

Category: Controlled Access Based on the Need to Know

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.4 Ensure auditing is configured for Docker files and directories - /run/containerdUnixCIS Docker v1.3.1 L2 Linux Host OS
1.1.5 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker v1.3.1 L2 Linux Host OS
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.7 Ensure auditing is configured for Docker files and directories - docker.serviceUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.8 Ensure auditing is configured for Docker files and directories - containerd.sockUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.9 Ensure auditing is configured for Docker files and directories - docker.socketUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/dockerUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.jsonUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.12 Ensure auditing is configured for Docker files and directories - /etc/containerd/config.tomlUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.13 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/dockerUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerdUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.15 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shimUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1UnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.17 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v2UnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runcUnixCIS Docker v1.3.1 L1 Linux Host OS
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - @[email protected]UnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditingUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-fileUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.38 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.2.1 Ensure dm-verity is enabledUnixCIS Google Container-Optimized OS L1 Server v1.0.0
1.2.7 Verify Package Integrity Using RPMUnixCIS Red Hat Enterprise Linux 5 L1 v2.2.1
1.2.26 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes Benchmark v1.6.1 L1 Master
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux 2 STIG v1.0.0 L1
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL7 Server L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.1
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 7 Server L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Server L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Server L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 7 Workstation L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Debian 9 Server L1 v1.0.1
1.3.1 Ensure AIDE is installedUnixCIS Debian 8 Workstation L1 v2.0.2
1.3.1 Ensure AIDE is installedUnixCIS CentOS 7 v3.1.2 Server L1
1.3.1 Ensure AIDE is installedUnixCIS Aliyun Linux 2 L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 7 v3.1.2 Workstation L1
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 8 Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 8 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL7 Workstation L1 v3.1.1
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation
1.3.1 Ensure AIDE is installedUnixCIS Debian 9 Workstation L1 v1.0.1
1.3.1 Ensure AIDE is installedUnixCIS Debian 8 Server L1 v2.0.2
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS Distribution Independent Linux Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Workstation L1 v3.0.0