CSCv7|4.3

Title

Ensure the Use of Dedicated Administrative Accounts

Description

Ensure that all users with administrative account access use a dedicated or secondary account for elevated activities. This account should only be used for administrative activities and not internet browsing, email, or similar activities.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Audit Items

Name | Plugin | Audit Name
1.1.2 Ensure that the API server pod specification file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.8 Ensure that the etcd pod specification file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.14 Ensure that the kubeconfig file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.16 Ensure that the Scheduler kubeconfig file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.18 Ensure that the Controller Manager kubeconfig file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:root | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.3.1 Ensure sudo is installed | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.3.1 Ensure sudo is installed | Unix | CIS Debian Family Workstation L1 v1.0.0
1.3.1 Ensure sudo is installed | Unix | CIS Debian Family Server L1 v1.0.0
1.3.1 Ensure sudo is installed | Unix | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.3.1 Ensure sudo is installed | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.3.2 Ensure sudo commands use pty | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
1.3.2 Ensure sudo commands use pty | Unix | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
1.3.2 Ensure sudo commands use pty | Unix | CIS Debian Family Workstation L1 v1.0.0
1.3.2 Ensure sudo commands use pty | Unix | CIS Debian Family Server L1 v1.0.0
1.3.2 Ensure sudo commands use pty | Unix | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
1.4 Ensure no 'root' user account access key exists - 'Access Key 1' | amazon_aws | CIS Amazon Web Services Foundations L1 2.0.0
1.4 Ensure no 'root' user account access key exists - 'Access Key 2' | amazon_aws | CIS Amazon Web Services Foundations L1 2.0.0
1.4.1 Set 'password' for 'enable secret' | Cisco | CIS Cisco IOS 17 L1 v2.0.0
1.4.1 Set 'password' for 'enable secret' | Cisco | CIS Cisco IOS 15 L1 v4.1.1
1.4.1 Set 'password' for 'enable secret' | Cisco | CIS Cisco IOS 16 L1 v2.0.0
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - server | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.1 Ensure 'aaa authentication enable console' is configured correctly | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctly | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.4 Ensure 'aaa authentication serial console' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.4 Ensure 'aaa authentication serial console' is configured correctly | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.4 Ensure 'aaa authentication serial console' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctly | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.3.6 Ensure 'aaa authentication telnet console' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.4.1 Ensure 'aaa command authorization' is configured correctly | Cisco | CIS Cisco ASA 9.x Firewall L1 v1.0.0
1.4.4.2 Ensure 'aaa authorization exec' is configured correctly | Cisco | CIS Cisco Firewall ASA 9 L1 v4.1.0
1.4.4.2 Ensure 'aaa authorization exec' is configured correctly | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
1.17 Ensure That 'Restrict access to Azure AD administration portal' is Set to 'Yes' | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L1
1.25 Ensure That 'Subscription Entering AAD Directory' and 'Subscription Leaving AAD Directory' Is Set To 'Permit No One' | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L2