Detections
Analytics

CSCv7|14.9

Title

Enforce Detail Logging for Access or Changes to Sensitive Data

Description

Enforce detailed audit logging for access to sensitive data or changes to sensitive data (utilizing tools such as File Integrity Monitoring or Security Information and Event Monitoring).

Reference Item Details

Category: Controlled Access Based on the Need to Know

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.4 Ensure auditing is configured for Docker files and directories - /run/containerdUnixCIS Docker v1.6.0 L1 Docker Linux
1.1.4 Ensure auditing is configured for Docker files and directories - /run/containerdUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.5 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.5 Ensure auditing is configured for Docker files and directories - /var/lib/dockerUnixCIS Docker v1.6.0 L1 Docker Linux
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/dockerUnixCIS Docker v1.6.0 L1 Docker Linux
1.1.7 Ensure auditing is configured for Docker files and directories - docker.serviceUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.8 Ensure auditing is configured for Docker files and directories - containerd.sockUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.9 Ensure auditing is configured for Docker files and directories - docker.sockUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/dockerUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.jsonUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.12 Ensure auditing is configured for Docker files and directories - /etc/containerd/config.tomlUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.13 Ensure auditing is configured for Docker files and directories - /etc/sysconfig/dockerUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.14 Ensure auditing is configured for Docker files and directories - /usr/bin/containerdUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.15 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shimUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.16 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v1UnixCIS Docker v1.6.0 L2 Docker Linux
1.1.17 Ensure auditing is configured for Docker files and directories - /usr/bin/containerd-shim-runc-v2UnixCIS Docker v1.6.0 L2 Docker Linux
1.1.18 Ensure auditing is configured for Docker files and directories - /usr/bin/runcUnixCIS Docker v1.6.0 L2 Docker Linux
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AdvancedAuditingUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - AUDIT_POLICY_FILEUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.37 Ensure that the AdvancedAuditing argument is not set to false - audit-policy-fileUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.38 Ensure that the --request-timeout argument is set as appropriateUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.2.1 Ensure AIDE is installedUnixCIS Debian 10 Workstation L1 v2.0.0
1.2.1 Ensure AIDE is installedUnixCIS Debian 10 Server L1 v2.0.0
1.2.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1
1.2.1 Ensure AIDE is installedUnixCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1
1.2.1 Ensure dm-verity is enabledUnixCIS Google Container-Optimized OS L1 Server v1.1.0
1.2.2 Ensure filesystem integrity is regularly checkedUnixCIS Debian 10 Workstation L1 v2.0.0
1.2.2 Ensure filesystem integrity is regularly checkedUnixCIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1
1.2.2 Ensure filesystem integrity is regularly checkedUnixCIS Debian 10 Server L1 v2.0.0
1.2.2 Ensure filesystem integrity is regularly checkedUnixCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1
1.2.7 Verify Package Integrity Using RPMUnixCIS Red Hat Enterprise Linux 5 L1 v2.2.1
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Workstation L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Server L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat EL9 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Rocky Linux 9 Workstation L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux 2023 Server L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS Aliyun Linux 2 L1 v1.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Server L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS Oracle Linux 6 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS SUSE Linux Enterprise Server 11 L1 v2.1.1
1.3.1 Ensure AIDE is installedUnixCIS Debian 9 Server L1 v1.0.1
1.3.1 Ensure AIDE is installedUnixCIS Debian 8 Workstation L1 v2.0.2
1.3.1 Ensure AIDE is installedUnixCIS Distribution Independent Linux Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS Linux 8 Server L1 v2.0.0
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server
1.3.1 Ensure AIDE is installedUnixCIS Amazon Linux 2 STIG v1.0.0 L1
1.3.1 Ensure AIDE is installedUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3.1 Ensure AIDE is installedUnixCIS Red Hat 6 Workstation L1 v3.0.0
1.3.1 Ensure AIDE is installedUnixCIS CentOS 6 Workstation L1 v3.0.0