Theme

CSCv7|5

Title

Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers

Audit Items

Name	Plugin	Audit Name
1.1.7 Set 'aaa accounting' to log all privileged use commands using 'commands 15'	Cisco	CIS Cisco IOS 15 L2 v4.1.1
1.2.1 Ensure the container host has been Hardened	Unix	CIS Docker v1.5.0 L1 Linux Host OS
1.2.28 Ensure that the --service-account-key-file argument is set as appropriate	Unix	CIS Kubernetes Benchmark v1.6.1 L1 Master
3.2.8 Ensure that the --hostname-override argument is not set	Unix	CIS Google Kubernetes Engine (GKE) v1.3.0 L1 Node
4.2.8 Ensure that the --hostname-override argument is not set	Unix	CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker
4.2.8 Ensure that the --hostname-override argument is not set	Unix	CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker
4.2.8 Ensure that the --hostname-override argument is not set	Unix	CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker
4.6.3 Apply Security Context to Your Pods and Containers	GCP	CIS Google Kubernetes Engine (GKE) v1.3.0 L2
5.7.4 The default namespace should not be used - BuildConfigs	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - Builds	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - CronJobs	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - DaemonSets	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - DeploymentConfigs	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - Deployments	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - HorizontalPodAutoScalers	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - ImageStreams	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - Jobs	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - Pods	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - ReplicaSets	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - ReplicationControllers	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - Routes	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - Services	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
5.7.4 The default namespace should not be used - StatefulSets	OpenShift	CIS RedHat OpenShift Container Platform 4 v1.2.0 L2
7.2 iSight Camera Privacy and Confidentiality Concerns	Unix	CIS Apple macOS 10.12 L2 v1.2.0
7.2 iSight Camera Privacy and Confidentiality Concerns	Unix	CIS Apple macOS 10.13 L2 v1.1.0
7.3 Computer Name Considerations	Unix	CIS Apple macOS 10.13 L2 v1.1.0
7.3 Computer Name Considerations	Unix	CIS Apple macOS 10.12 L2 v1.2.0
7.7 Ensure devices lock after a period of inactivity to prevent unauthorized access	microsoft_azure	CIS Microsoft 365 Foundations E3 L1 v1.5.0
7.8 Ensure that mobile device encryption is enabled to prevent unauthorized access to mobile data	microsoft_azure	CIS Microsoft 365 Foundations E3 L1 v1.5.0
7.9 Ensure that mobile devices require complex passwords (Type = Alphanumeric)	microsoft_azure	CIS Microsoft 365 Foundations E3 L1 v1.5.0
7.12 Siri on macOS	Unix	CIS Apple macOS 10.12 L1 v1.2.0