CSCv7|8

Title

Malware Defenses

Reference Item Details

Category: Malware Defenses

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.5 Ensure noexec option set on /tmp partitionUnixCIS Debian 9 Workstation L1 v1.0.1
1.1.5 Ensure noexec option set on /tmp partitionUnixCIS Debian 9 Server L1 v1.0.1
1.1.17 Ensure noexec option set on /dev/shm partitionUnixCIS Debian 9 Server L1 v1.0.1
1.1.17 Ensure noexec option set on /dev/shm partitionUnixCIS Debian 9 Workstation L1 v1.0.1
1.1.20 Ensure noexec option set on removable media partitionsUnixCIS Debian 9 Workstation L1 v1.0.1
1.1.20 Ensure noexec option set on removable media partitionsUnixCIS Debian 9 Server L1 v1.0.1
1.3.10 Ensure 'Password Profiles' do not existPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
1.13 Ensure 'Disable saving browser history' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.1.0
2.9 Ensure 'Allow download restrictions' is set to 'Enabled: Block dangerous downloads'WindowsCIS Google Chrome L1 v2.1.0
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervalsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
5.1 Ensure that WildFire file size upload limits are maximizedPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
5.2 Ensure a WildFire Analysis profile is enabled for all security policiesPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.2 Ensure forwarding is enabled for all applications and file types in WildFire file blocking profilesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.3 Ensure a WildFire Analysis profile is enabled for all security policiesPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
5.3 Ensure a WildFire Analysis profile is enabled for all security policiesPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.3 Ensure a WildFire Analysis profile is enabled for all security policiesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.3 Ensure forwarding of decrypted content to WildFire is enabledPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
5.4 Ensure forwarding of decrypted content to WildFire is enabledPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
5.4 Ensure forwarding of decrypted content to WildFire is enabledPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.5 Ensure alerts are enabled for malicious files detected by WildFirePalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
5.5 Ensure all WildFire session information settings are enabledPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'Palo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'Palo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
5.6 Ensure alerts are enabled for malicious files detected by WildFire - log-type 'wildfire'Palo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'Palo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'Palo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.1 Ensure that antivirus profiles are set to block on all decoders except 'imap' and 'pop3'Palo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.1 Ensure that antivirus profiles are set to reset-both on all decoders except 'imap' and 'pop3'Palo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.2 Ensure a secure antivirus profile is applied to all relevant security policiesPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.2 Ensure a secure antivirus profile is applied to all relevant security policiesPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.2 Ensure a secure antivirus profile is applied to all relevant security policiesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.2 Ensure a secure antivirus profile is applied to all relevant security policiesPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsPalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.3 Ensure an anti-spyware profile is configured to block on all spyware severity levels, categories, and threatsPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.5 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetPalo_AltoCIS Palo Alto Firewall 10 v1.1.0 L1
6.5 Ensure a secure anti-spyware profile is applied to all security policies permitting traffic to the InternetPalo_AltoCIS Palo Alto Firewall 11 v1.0.0 L1
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 9 v1.1.0 L1
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0