CSCv7|2.2

Title

Ensure Software is Supported by Vendor

Description

Ensure that only software applications or operating systems currently supported by the software's vendor are added to the organization's authorized software inventory. Unsupported software should be tagged as unsupported in the inventory system.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2022 Database L1 AWS RDS v1.0.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2017 Database L1 DB v1.3.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2017 Database L1 AWS RDS v1.3.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2019 Database L1 DB v1.3.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2022 Database L1 DB v1.0.0
1.1 Ensure Latest SQL Server Cumulative and Security Updates are InstalledMS_SQLDBCIS SQL Server 2019 Database L1 AWS RDS v1.3.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2012 Database L1 DB v1.6.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2008 R2 DB Engine L1 v1.7.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2016 Database L1 AWS RDS v1.4.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2016 Database L1 DB v1.4.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2014 Database L1 DB v1.5.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2014 Database L1 AWS RDS v1.5.0
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are InstalledMS_SQLDBCIS SQL Server 2012 Database L1 AWS RDS v1.6.0
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 4 L1 DB v1.0.0
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 3.6 Database Audit L1 v1.1.0
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 5 L1 DB v1.2.0
1.1 Ensure the appropriate MongoDB software version/patches are installedMongoDBCIS MongoDB 6 L1 DB v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 12c DB Traditional Auditing v3.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 18c DB Traditional Auditing v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 18c DB Unified Auditing v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 12c DB Unified Auditing v3.0.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 19c DB Unified Auditing v1.1.0
1.1 Ensure the Appropriate Version/Patches for Oracle Software Is InstalledOracleDBCIS Oracle Server 19c DB Traditional Auditing v1.1.0
1.1.1 Ensure NGINX is installedUnixCIS NGINX Benchmark v2.0.1 L1 Loadbalancer
1.1.1 Ensure NGINX is installedUnixCIS NGINX Benchmark v2.0.1 L1 Proxy
1.1.1 Ensure NGINX is installedUnixCIS NGINX Benchmark v2.0.1 L1 Webserver
1.1.2 Ensure NGINX is installed from sourceUnixCIS NGINX Benchmark v2.0.1 L2 Webserver
1.1.2 Ensure NGINX is installed from sourceUnixCIS NGINX Benchmark v2.0.1 L2 Loadbalancer
1.1.2 Ensure NGINX is installed from sourceUnixCIS NGINX Benchmark v2.0.1 L2 Proxy
1.2 Ensure End of Life JUNOS Devices are not usedJuniperCIS Juniper OS Benchmark v2.1.0 L1
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 7.0 v1.3.0 Level 1 Bare Metal
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 6.7 v1.3.0 Level 1 Bare Metal
1.2 Ensure the Image Profile VIB acceptance level is configured properlyUnixCIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.2.8 Ensure the version of the operating system is an active vendor supported releaseUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
1.2.33 Ensure unsupported configuration overrides are not usedOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.4 L1 v2.1.0
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L1 v3.6.0
1.3 Ensure Apache Is Installed From the Appropriate BinariesUnixCIS Apache HTTP Server 2.2 L2 v3.6.0
1.3 Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 6.7 v1.3.0 Level 1 Bare Metal
1.3 Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal
1.3 Ensure no unauthorized kernel modules are loaded on the hostUnixCIS VMware ESXi 7.0 v1.3.0 Level 1 Bare Metal
1.5 Installing ISC BIND 9 - bind9 installationUnixCIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.5 Installing ISC BIND 9 - bind9 installationUnixCIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.5 Installing ISC BIND 9 - named locationUnixCIS BIND DNS v1.0.0 L1 Authoritative Name Server
1.5 Installing ISC BIND 9 - named locationUnixCIS BIND DNS v1.0.0 L1 Caching Only Name Server
1.29 Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.1.0
1.119 Ensure 'Suppress the unsupported OS warning' is set to 'Disabled'WindowsCIS Microsoft Edge L1 v2.0.0
2.1.6 Ensure the latest firmware is installedFortiGateCIS Fortigate 7.0.x Level 2 v1.2.0