CSCv7|2.10

Title

Physically or Logically Segregate High Risk Applications

Description

Physically or logically segregated systems should be used to isolate and run software that is required for business operations but incur higher risk for the organization.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.7 Community Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.7 Community Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.6 Community Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsMySQLDBCIS MySQL 5.7 Community Database L1 v2.0.0
1.1 Place Databases on Non-System PartitionsMySQLDBCIS MySQL 5.6 Community Database L1 v2.0.0
1.1 Place Databases on Non-System PartitionsMySQLDBCIS MySQL 5.7 Enterprise Database L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MariaDB 10.6 on Linux L1 v1.0.0
1.1 Place Databases on Non-System PartitionsMySQLDBCIS MySQL 8.0 Enterprise Database L1 v1.3.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 8.0 Enterprise Linux OS L1 v1.3.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsMySQLDBCIS MySQL 5.6 Enterprise Database L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.6 Community Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsMySQLDBCIS MySQL 8.0 Community Database L1 v1.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 8.0 Community Linux OS L1 v1.0.0
1.2 Ensure intra-zone traffic is not always allowedFortiGateCIS Fortigate 7.0.x Level 1 v1.2.0
1.2 Ensure Single-Function Member Servers are UsedWindowsCIS SQL Server 2012 Database L1 OS v1.6.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2008 R2 DB Engine L1 v1.7.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2014 Database L1 AWS RDS v1.5.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2019 Database L1 DB v1.3.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2022 Database L1 DB v1.0.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2022 Database L1 AWS RDS v1.0.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2019 Database L1 AWS RDS v1.3.0
1.2 Ensure Single-Function Member Servers are UsedMS_SQLDBCIS SQL Server 2014 Database L1 DB v1.5.0
1.2 Ensure Single-Function Member Servers are UsedWindowsCIS SQL Server 2017 Database L1 OS v1.3.0
1.2 Ensure Single-Function Member Servers are UsedWindowsCIS SQL Server 2016 Database L1 OS v1.4.0
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.4 L1 v2.1.0
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.2 L1 v3.6.0
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.2 L2 v3.6.0
1.7 Ensure MariaDB is Run Under a Sandbox EnvironmentUnixCIS MariaDB 10.6 on Linux L2 v1.0.0
1.7 Ensure MariaDB is Run Under a Sandbox EnvironmentMySQLDBCIS MariaDB 10.6 Database L2 v1.0.0
1.7 Ensure MySQL is Run Under a Sandbox EnvironmentUnixCIS MySQL 8.0 Enterprise Linux OS L2 v1.3.0
1.7 Ensure MySQL is Run Under a Sandbox EnvironmentUnixCIS MySQL 8.0 Community Linux OS L2 v1.0.0
2.2 Dedicate the Machine Running MariaDBMySQLDBCIS MariaDB 10.6 Database L1 v1.0.0
2.2 Dedicate the Machine Running MariaDBUnixCIS MariaDB 10.6 on Linux L1 v1.0.0
2.2 Dedicate the Machine Running MySQLWindowsCIS MySQL 5.6 Community Windows OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLWindowsCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLMySQLDBCIS MySQL 5.6 Enterprise Database L1 v2.0.0
2.2 Dedicate the Machine Running MySQLUnixCIS MySQL 5.7 Community Linux OS L1 v2.0.0
2.13 Ensure 'Enable Site Isolation for every site' is set to 'Enabled'WindowsCIS Google Chrome L1 v2.1.0
10.1 Ensure Web content directory is on a separate partition from the Tomcat system filesUnixCIS Apache Tomcat 10 L1 v1.1.0 Middleware
10.1 Ensure Web content directory is on a separate partition from the Tomcat system filesUnixCIS Apache Tomcat 10 L1 v1.1.0
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 8 L1 v1.1.0 Middleware
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 9 L1 v1.2.0
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 8 L1 v1.1.0