CSCv7|2.10

Title

Physically or Logically Segregate High Risk Applications

Description

Physically or logically segregated systems should be used to isolate and run software that is required for business operations but incur higher risk for the organization.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.7 Community Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 8.0 Enterprise Linux OS L1 v1.2.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.6 Community Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.7 Community Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.6 Community Linux OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsWindowsCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
1.1 Place Databases on Non-System PartitionsUnixCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0
1.2 Ensure intra-zone traffic is not always allowedFortiGateCIS Fortigate Level 1 v1.0.0
1.2 Ensure Single-Function Member Servers are UsedWindowsCIS SQL Server 2017 Database L1 OS v1.2.0
1.2 Ensure Single-Function Member Servers are UsedWindowsCIS SQL Server 2012 Database L1 OS v1.6.0
1.2 Ensure Single-Function Member Servers are UsedWindowsCIS SQL Server 2016 Database L1 OS v1.3.0
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.2 L2 v3.6.0
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.2 L1 v3.6.0
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.4 L1 v2.0.0 Middleware
1.2 Ensure the Server Is Not a Multi-Use SystemUnixCIS Apache HTTP Server 2.4 L1 v2.0.0
1.7 Ensure MySQL is Run Under a Sandbox EnvironmentUnixCIS MySQL 8.0 Enterprise Linux OS L2 v1.2.0
2.2 Dedicate the Machine Running MySQLWindowsCIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLWindowsCIS MySQL 5.6 Community Windows OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLUnixCIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLUnixCIS MySQL 5.7 Community Linux OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLUnixCIS MySQL 5.6 Community Linux OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLWindowsCIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLUnixCIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0
2.2 Dedicate the Machine Running MySQLWindowsCIS MySQL 5.7 Community Windows OS L1 v2.0.0
2.3 Dedicate the Machine Running MySQLUnixCIS MySQL 8.0 Enterprise Linux OS L1 v1.2.0
2.13 Ensure 'Enable Site Isolation for every site' is set to 'Enabled'WindowsCIS Google Chrome L1 v2.1.0
5.7.4 The default namespace should not be usedUnixCIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master
5.7.4 The default namespace should not be usedUnixCIS Kubernetes v1.23 Benchmark v1.0.1 L2 Master
5.7.4 The default namespace should not be usedUnixCIS Kubernetes v1.20 Benchmark v1.0.1 L2 Master
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 9 L1 v1.2.0 Middleware
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 9 L1 v1.2.0
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 8 L1 v1.1.0 Middleware
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 8 L1 v1.1.0
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 10 L1 v1.0.0 Middleware
10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directoryUnixCIS Apache Tomcat 10 L1 v1.0.0