CSCv7|2.2

Title

Ensure Software is Supported by Vendor

Description

Ensure that only software applications or operating systems currently supported by the software's vendor are added to the organization's authorized software inventory. Unsupported software should be tagged as unsupported in the inventory system.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 5 L1 DB v1.1.0
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 4 L1 DB v1.0.0
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 3.6 Database Audit L1 v1.1.0
1.2 Ensure End of Life JUNOS Devices are not usedJuniperCIS Juniper OS Benchmark v2.1.0 L1
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 7.0 v1.1.0 Level 1 Bare Metal
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 6.7 v1.2.0 Level 1 Bare Metal
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.2.8 Ensure the version of the operating system is an active vendor supported releaseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.4 L1 v2.0.0 Middleware
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.4 L1 v2.0.0
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L2 v3.6.0
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L1 v3.6.0
1.3 Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 7.0 v1.1.0 Level 1 Bare Metal
1.3 Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.3 Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 6.7 v1.2.0 Level 1 Bare Metal
1.5 Installing ISC BIND 9 - bind9 installationUnixCIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.5 Installing ISC BIND 9 - bind9 installationUnixCIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.5 Installing ISC BIND 9 - named locationUnixCIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.5 Installing ISC BIND 9 - named locationUnixCIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.29 Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.1.0
1.111 Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'WindowsCIS Microsoft Edge L1 v1.1.0
2.1.6 Ensure the latest firmware is installedFortiGateCIS Fortigate Level 2 v1.0.0
2.9 Ensure Legacy EFI Is Valid and Updating - checked regularlyUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
2.9 Ensure Legacy EFI Is Valid and Updating - checked regularlyUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
2.9 Ensure Legacy EFI Is Valid and Updating - checked regularlyUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
2.9 Ensure Legacy EFI Is Valid and Updating - validUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L1
2.9 Ensure Legacy EFI Is Valid and Updating - validUnixCIS Apple macOS 12.0 Monterey v2.0.0 L1
2.9 Ensure Legacy EFI Is Valid and Updating - validUnixCIS Apple macOS 10.15 Catalina v3.0.0 L1
2.11 Ensure EFI Version Is Valid and Checked Regularly - daemonUnixCIS Apple macOS 10.14 v2.0.0 L1
2.11 Ensure EFI Version Is Valid and Checked Regularly - integrity-checkUnixCIS Apple macOS 10.14 v2.0.0 L1
4.1 Ensure device is not obviously jailbrokenMDMMobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
4.1 Ensure device is not obviously jailbrokenMDMAirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1
4.1 Ensure device is not obviously jailbrokenMDMAirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
4.1 Ensure device is not obviously jailbrokenMDMMobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
4.1 Ensure device is not obviously jailbrokenMDMMobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1
4.1 Ensure device is not obviously jailbrokenMDMMobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1
4.1 Ensure device is not obviously jailbrokenMDMAirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1
4.1 Ensure device is not obviously jailbrokenMDMAirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
4.2 Ensure 'Software Update' returns 'Your software is up to date.'MDMAirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1
4.2 Ensure 'Software Update' returns 'Your software is up to date.'MDMMobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1
4.2 Ensure 'Software Update' returns 'Your software is up to date.'MDMMobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
4.2 Ensure 'Software Update' returns 'Your software is up to date.'MDMAirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1
4.2 Ensure 'Software Update' returns 'Your software is up to date.'MDMMobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
4.2 Ensure 'Software Update' returns 'Your software is up to date.'MDMMobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1
4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All ProjectsGCPCIS Google Cloud Platform v1.3.0 L2
20.41 Ensure 'Operating System is maintained at a supported servicing level'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
20.41 Ensure 'Operating System is maintained at a supported servicing level'WindowsCIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
20.42 Ensure 'Operating System is maintained at a supported servicing level'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
20.42 Ensure 'Operating System is maintained at a supported servicing level'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0