CSCv7|16.7

Title

Establish Process for Revoking Access

Description

Establish and follow an automated process for revoking system access by disabling accounts immediately upon termination or change of responsibilities of an employee or contractor. Disabling these accounts, instead of deleting accounts, allows preservation of audit trails.

Reference Item Details

Category: Account Monitoring and Control

Audit Items

Name | Plugin | Audit Name
2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0
2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0
2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | OracleDB | CIS Oracle Server 19c DB Traditional Auditing v1.2.0
2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | OracleDB | CIS Oracle Server 19c DB Unified Auditing v1.2.0
2.2.12 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0
2.2.12 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | OracleDB | CIS Oracle Server 19c DB Unified Auditing v1.2.0
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0
3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | OracleDB | CIS Oracle Server 19c DB Traditional Auditing v1.2.0
3.1.1 Client certificate authentication should not be used for users | Unix | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
3.1.1 Client certificate authentication should not be used for users | Unix | CIS Kubernetes Benchmark v1.8.0 L1 Master
3.1.1 Client certificate authentication should not be used for users | Unix | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
3.1.1 Client certificate authentication should not be used for users | Unix | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
3.1.2 Service account token authentication should not be used for users | Unix | CIS Kubernetes Benchmark v1.8.0 L1 Master
3.1.3 Bootstrap token authentication should not be used for users | Unix | CIS Kubernetes Benchmark v1.8.0 L1 Master
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | OracleDB | CIS Oracle Server 19c DB Unified Auditing v1.2.0
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0
3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | OracleDB | CIS Oracle Server 19c DB Traditional Auditing v1.2.0
3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0
3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0
3.4 Ensure that Storage Account Access Keys are Periodically Regenerated | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L1
3.6 Ensure that Shared Access Signature Tokens Expire Within an Hour | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L1
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | OracleDB | CIS Oracle Server 19c DB Unified Auditing v1.2.0
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0
3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | OracleDB | CIS Oracle Server 19c DB Traditional Auditing v1.2.0
4.3 Ensure the maximum failed login attempts is set to 5 | VMware | CIS VMware ESXi 6.7 v1.3.0 Level 1
4.3 Ensure the maximum failed login attempts is set to 5 | VMware | CIS VMware ESXi 7.0 v1.3.0 Level 1
4.4.1 Ensure custom authselect profile is used | Unix | CIS Amazon Linux 2023 Server L1 v1.0.0
4.4.2 Ensure authselect includes with-faillock | Unix | CIS Amazon Linux 2023 Server L1 v1.0.0
4.4.2 Ensure lockout for failed password attempts is configured | Unix | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1
4.4.2 Ensure lockout for failed password attempts is configured | Unix | CIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1
4.4.2 Ensure lockout for failed password attempts is configured | Unix | CIS Debian 10 Workstation L1 v2.0.0
4.4.2 Ensure lockout for failed password attempts is configured | Unix | CIS Debian 10 Server L1 v2.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS Rocky Linux 8 Server L1 v2.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS AlmaLinux OS 8 Workstation L1 v3.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS Red Hat EL8 Server L1 v3.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS AlmaLinux OS 8 Server L1 v3.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS Red Hat EL8 Workstation L1 v3.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS Oracle Linux 8 Workstation L1 v3.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS Oracle Linux 8 Server L1 v3.0.0
4.4.2.1 Ensure active authselect profile includes pam modules | Unix | CIS Rocky Linux 8 Workstation L1 v2.0.0