CSCv7|2.7

Title

Utilize Application Whitelisting

Description

Utilize application whitelisting technology on all assets to ensure that only authorized software executes and all unauthorized software is blocked from executing on assets.

Reference Item Details

Category: Inventory and Control of Software Assets

Audit Items

Name | Plugin | Audit Name
1.12 Ensure 'User consent for applications' Is Set To 'Allow for Verified Publishers' | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L2
1.25 Ensure 'Allow features to download assets from the Asset Delivery Service' is set to 'Disabled' | Windows | CIS Microsoft Edge L2 v2.0.0
1.26 Ensure 'Allow file selection dialogs' is set to 'Disabled' | Windows | CIS Microsoft Edge L2 v2.0.0
1.67 Ensure 'Control communication with the Experimentation and Configuration Service' is set to 'Enabled: Disable communication with the Experimentation and Configuration Service' | Windows | CIS Microsoft Edge L1 v2.0.0
11.3 Ensure the httpd_t Type is Not in Permissive Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
11.3 Ensure the httpd_t Type is Not in Permissive Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0
12.1 Ensure the AppArmor Framework Is Enabled | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.2 Ensure the Apache AppArmor Profile Is Configured Properly | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.2 Ensure the Apache AppArmor Profile Is Configured Properly | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.3 Ensure Apache AppArmor Profile is in Enforce Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware
12.3 Ensure Apache AppArmor Profile is in Enforce Mode | Unix | CIS Apache HTTP Server 2.4 L2 v2.1.0
12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0
12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode | Unix | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware
18.8.22.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | Windows | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
18.8.22.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | Windows | CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
18.8.22.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | Windows | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
18.8.22.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | Windows | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0
18.8.22.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | Windows | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 10 v2.0.0 L1
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL + NG
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 10 v2.0.0 L1 + NG
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + NG
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 10 v2.0.0 L1 + BL + NG
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 11 v2.0.0 L1
18.10.43.14 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Intune for Windows 11 v2.0.0 L1 + BL
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 11 Enterprise v2.0.0 L1 + BL
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 EMS Gateway v2.0.0 L1
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 11 Enterprise v2.0.0 L1
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + NG
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL + NG
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise v2.0.0 L1
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | Windows | CIS Microsoft Windows 10 Enterprise v2.0.0 L1 + BL
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2019 DC L1 v2.0.0
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows 11 Stand-alone v2.0.0 L1
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2019 MS L1 v2.0.0
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL + NG
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + NG
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2016 MS L1 v2.0.0
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2022 v2.0.0 L1 DC
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2022 v2.0.0 L1 MS
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2016 DC L1 v2.0.0
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows 10 Stand-alone v2.0.0 L1 + BL
18.10.43.16 Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' - Enabled: Block | Windows | CIS Microsoft Windows Server 2019 MS Standalone L1 v1.0.0