CSCv7|4.7

Title

Limit Access to Script Tools

Description

Limit access to scripting tools (such as Microsoft PowerShell and Python) to only administrative or development users with the need to access those capabilities.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Audit Items

| Name | Plugin | Audit Name |
| --- | --- | --- |
| 2.2 Give the BIND User Account an Invalid Shell | Unix | CIS BIND DNS v1.0.0 L1 Caching Only Name Server |
| 2.2 Give the BIND User Account an Invalid Shell | Unix | CIS BIND DNS v1.0.0 L1 Authoritative Name Server |
| 2.2.10 Ensure 'UTL_FILE_DIR' Is Empty | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 |
| 2.2.10 Ensure 'UTL_FILE_DIR' Is Empty | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0 |
| 2.3.5.1 Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only) | Windows | CIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0 |
| 2.3.5.1 Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only) | Windows | CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1 |
| 3.1 Set a nondeterministic Shutdown command value | Unix | CIS Apache Tomcat 8 L1 v1.1.0 |
| 3.1 Set a nondeterministic Shutdown command value | Unix | CIS Apache Tomcat 10 L1 v1.1.0 |
| 3.1 Set a nondeterministic Shutdown command value | Unix | CIS Apache Tomcat 10 L1 v1.1.0 Middleware |
| 3.1 Set a nondeterministic Shutdown command value | Unix | CIS Apache Tomcat 9 L1 v1.2.0 Middleware |
| 3.1 Set a nondeterministic Shutdown command value | Unix | CIS Apache Tomcat 9 L1 v1.2.0 |
| 3.1 Set a nondeterministic Shutdown command value | Unix | CIS Apache Tomcat 8 L1 v1.1.0 Middleware |
| 4.1 Ensure All Default Passwords Are Changed | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 |
| 4.1 Ensure All Default Passwords Are Changed | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0 |
| 4.1 Ensure That Instances Are Not Configured To Use the Default Service Account | GCP | CIS Google Cloud Platform v2.0.0 L1 |
| 4.1.4 Minimize access to create pods | GCP | CIS Google Kubernetes Engine (GKE) v1.5.0 L1 |
| 4.2 Ensure All Sample Data And Users Have Been Removed | OracleDB | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 |
| 4.2 Ensure All Sample Data And Users Have Been Removed | OracleDB | CIS Oracle Server 19c DB Unified Auditing v1.2.0 |
| 4.2 Ensure All Sample Data And Users Have Been Removed | OracleDB | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 |
| 4.2 Ensure All Sample Data And Users Have Been Removed | OracleDB | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 |
| 4.2 Ensure All Sample Data And Users Have Been Removed | OracleDB | CIS Oracle Server 12c DB Unified Auditing v3.0.0 |
| 4.2 Ensure All Sample Data And Users Have Been Removed | OracleDB | CIS Oracle Server 18c DB Unified Auditing v1.1.0 |
| 4.2 Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs | GCP | CIS Google Cloud Platform v2.0.0 L1 |
| 4.4 Ensure 'local_infile' Is Disabled | MySQLDB | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 |
| 4.4 Ensure 'local_infile' Is Disabled | MySQLDB | CIS MySQL 5.6 Community Database L1 v2.0.0 |
| 4.4 Harden Usage for 'local_infile' on MariaDB Clients | Unix | CIS MariaDB 10.6 on Linux L1 v1.0.0 |
| 10.2 Restrict access to the web administration application | Unix | CIS Apache Tomcat 9 L1 v1.2.0 |
| 10.2 Restrict access to the web administration application | Unix | CIS Apache Tomcat 10 L1 v1.1.0 |
| 10.2 Restrict access to the web administration application | Unix | CIS Apache Tomcat 10 L1 v1.1.0 Middleware |
| 10.2 Restrict access to the web administration application | Unix | CIS Apache Tomcat 8 L2 v1.1.0 Middleware |
| 10.2 Restrict access to the web administration application | Unix | CIS Apache Tomcat 8 L2 v1.1.0 |
| 10.2 Restrict access to the web administration application | Unix | CIS Apache Tomcat 9 L1 v1.2.0 Middleware |
| 10.3 Restrict manager application | Unix | CIS Apache Tomcat 8 L2 v1.1.0 |
| 10.3 Restrict manager application | Unix | CIS Apache Tomcat 9 L2 v1.2.0 |
| 10.3 Restrict manager application | Unix | CIS Apache Tomcat 10 L2 v1.1.0 |
| 10.3 Restrict manager application | Unix | CIS Apache Tomcat 8 L2 v1.1.0 Middleware |
| 10.3 Restrict manager application | Unix | CIS Apache Tomcat 10 L2 v1.1.0 Middleware |
| 10.3 Restrict manager application | Unix | CIS Apache Tomcat 9 L2 v1.2.0 Middleware |
| 10.13 Do not run applications as privileged | Unix | CIS Apache Tomcat 10 L1 v1.1.0 |
| 10.13 Do not run applications as privileged | Unix | CIS Apache Tomcat 10 L1 v1.1.0 Middleware |
| 10.13 Do not run applications as privileged | Unix | CIS Apache Tomcat 9 L1 v1.2.0 Middleware |
| 10.13 Do not run applications as privileged | Unix | CIS Apache Tomcat 9 L1 v1.2.0 |
| 10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 9 L1 v1.2.0 |
| 10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 10 L1 v1.1.0 |
| 10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 9 L1 v1.2.0 Middleware |
| 10.14 Do not allow cross context requests | Unix | CIS Apache Tomcat 10 L1 v1.1.0 Middleware |
| 10.14 Do not run applications as privileged | Unix | CIS Apache Tomcat 8 L1 v1.1.0 |
| 10.14 Do not run applications as privileged | Unix | CIS Apache Tomcat 8 L1 v1.1.0 Middleware |
| 10.15 Do not allow cross context requests | Unix | CIS Apache Tomcat 8 L1 v1.1.0 Middleware |
| 10.15 Do not allow cross context requests | Unix | CIS Apache Tomcat 8 L1 v1.1.0 |