CSCv7|4.6

Title

Use of Dedicated Machines For All Administrative Tasks

Description

Ensure administrators use a dedicated machine for all administrative tasks or tasks requiring administrative access. This machine will be segmented from the organization's primary network and not be allowed Internet access. This machine will not be used for reading e-mail, composing documents, or browsing the Internet.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.2.10 Ensure 'Create a pagefile' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.11 Ensure 'Create a token object' is set to 'No One'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.14 Configure 'Create symbolic links'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.15 Ensure 'Debug programs' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.3 Ensure that 'Fallback to local' option is disabled for Remote Authentication SettingsF5CIS F5 Networks v1.0.0 L2
2.4 Ensure External Users' role is set to 'No Access'F5CIS F5 Networks v1.0.0 L2
2.5 Ensure External Users' has access to needed Partitions onlyF5CIS F5 Networks v1.0.0 L1
2.6 Ensure External Users' Terminal Access is DisabledF5CIS F5 Networks v1.0.0 L1
4.3.1 admUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.2 binUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.4 guestUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.5 lpdUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.6 nobodyUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.7 nuucpUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.8 sysUnixCIS IBM AIX 7.1 L1 v2.1.0
4.3.9 uucpUnixCIS IBM AIX 7.1 L1 v2.1.0
5.11 (L1) Host must isolate management communicationsVMwareCIS VMware ESXi 8.0 v1.1.0 L1
6.2.6 Ensure root is the only UID 0 accountUnixCIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0
6.2.6 Ensure root is the only UID 0 accountUnixCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0
6.2.6 Ensure root is the only UID 0 accountUnixCIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0
6.2.10 Ensure root is the only UID 0 accountUnixCIS Debian Family Workstation L1 v1.0.0
6.2.10 Ensure root is the only UID 0 accountUnixCIS Debian Family Server L1 v1.0.0
6.2.11 Ensure root is the only UID 0 accountUnixCIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0
6.2.11 Ensure root is the only UID 0 accountUnixCIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0