CSCv7|18.11

Title

Use Standard Hardening Configuration Templates for Databases

Description

For applications that rely on a database, use standard hardening configuration templates. All systems that are part of critical business processes should also be tested.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Application Software Security

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented	Unix	CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware
1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented	Unix	CIS Apache HTTP Server 2.4 L1 v2.1.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2012 Database L1 DB v1.6.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2008 R2 DB Engine L1 v1.7.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2017 Database L1 DB v1.3.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2019 Database L1 DB v1.3.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2022 Database L1 AWS RDS v1.0.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2019 Database L1 AWS RDS v1.3.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2014 Database L1 DB v1.5.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2016 Database L1 DB v1.4.0
2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0'	MS_SQLDB	CIS SQL Server 2022 Database L1 DB v1.0.0
2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'	MS_SQLDB	CIS SQL Server 2019 Database L1 AWS RDS v1.3.0
2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'	MS_SQLDB	CIS SQL Server 2022 Database L1 AWS RDS v1.0.0
2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'	MS_SQLDB	CIS SQL Server 2019 Database L1 DB v1.3.0
2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'	MS_SQLDB	CIS SQL Server 2022 Database L1 DB v1.0.0
2.18 Ensure 'clr strict security' Server Configuration Option is set to '1'	MS_SQLDB	CIS SQL Server 2017 Database L1 DB v1.3.0
2.18 Ensure 'clr strict security' Server Configuration Option is set to '1'	MS_SQLDB	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0
4.1 Ensure legacy TLS protocols are disabled	Windows	CIS MongoDB 4 L2 OS Windows v1.0.0
4.1 Ensure legacy TLS protocols are disabled	Windows	CIS MongoDB 5 L2 OS Windows v1.2.0
4.1 Ensure legacy TLS protocols are disabled	Unix	CIS MongoDB 5 L2 OS Linux v1.2.0
4.1 Ensure legacy TLS protocols are disabled	Unix	CIS MongoDB 4 L2 OS Linux v1.0.0
4.1 Ensure legacy TLS protocols are disabled	Unix	CIS MongoDB 7 L2 OS Linux v1.0.0
4.1 Ensure legacy TLS protocols are disabled	Unix	CIS MongoDB 6 L2 OS Linux v1.1.0
4.1 Ensure legacy TLS protocols are disabled	Windows	CIS MongoDB 6 L2 OS Windows v1.1.0
4.1 Ensure legacy TLS protocols are disabled	Windows	CIS MongoDB 7 L2 OS Windows v1.0.0
5.5.5 Ensure Shielded GKE Nodes are Enabled	GCP	CIS Google Kubernetes Engine (GKE) v1.5.0 L1
6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured	PostgreSQLDB	CIS PostgreSQL 10 DB v1.0.0
6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured	PostgreSQLDB	CIS PostgreSQL 11 DB v1.0.0
6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured	PostgreSQLDB	CIS PostgreSQL 9.6 DB v1.0.0
6.1 Understanding attack vectors and runtime parameters	PostgreSQLDB	CIS PostgreSQL 13 DB v1.1.0
6.1 Understanding attack vectors and runtime parameters	PostgreSQLDB	CIS PostgreSQL 16 DB v1.0.0
6.1 Understanding attack vectors and runtime parameters	PostgreSQLDB	CIS PostgreSQL 15 DB v1.1.0
6.1 Understanding attack vectors and runtime parameters	PostgreSQLDB	CIS PostgreSQL 12 DB v1.1.0
6.1 Understanding attack vectors and runtime parameters	PostgreSQLDB	CIS PostgreSQL 14 DB v 1.2.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 11 DB v1.0.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 10 DB v1.0.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 9.5 DB v1.1.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 14 DB v 1.2.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 12 DB v1.1.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 9.6 DB v1.0.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 16 DB v1.0.0
6.2 Ensure 'backend' runtime parameters are configured correctly	PostgreSQLDB	CIS PostgreSQL 15 DB v1.1.0
6.2 Ensure 'backend' runtime parameters are configured correctly - ignore_system_indexes	PostgreSQLDB	CIS PostgreSQL 13 DB v1.1.0
6.2 Ensure 'backend' runtime parameters are configured correctly - jit_debugging_support	PostgreSQLDB	CIS PostgreSQL 13 DB v1.1.0
6.2 Ensure 'backend' runtime parameters are configured correctly - jit_profiling_support	PostgreSQLDB	CIS PostgreSQL 13 DB v1.1.0
6.2 Ensure 'backend' runtime parameters are configured correctly - log_connections	PostgreSQLDB	CIS PostgreSQL 13 DB v1.1.0

Detections

Analytics

CSCv7|18.11

Title

Description

Reference Item Details

Audit Items