Capacity
CCI-001493
Protect audit tools from unauthorized access.
Choose one
20
Rule
Severity: High
Verify and Correct File Permissions with RPM
6
Rule
Severity: Medium
Audit Tools Must Be Group-owned by Root
6
Rule
Severity: Medium
Audit Tools Must Be Owned by Root
6
Rule
Severity: Medium
Audit Tools Must Have a Mode of 0755 or Less Permissive
9
Rule
Severity: Medium
Verify that audit tools are owned by group root
9
Rule
Severity: Medium
Verify that audit tools are owned by root
9
Rule
Severity: Medium
Verify that audit tools Have Mode 0755 or less
2
Rule
Severity: Medium
Verify Permissions of Local Logs of audit Tools
2
Rule
Severity: Medium
The ALG must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
The application server must protect log tools from unauthorized access.
2
Rule
Severity: Medium
The application must protect audit tools from unauthorized access.
1
Rule
Severity: Medium
The CA API Gateway must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
The Central Log Server must protect audit tools from unauthorized access.
1
Rule
Severity: Medium
The FortiGate device must protect audit tools from unauthorized access.
1
Rule
Severity: Medium
The HYCU server must protect audit tools from unauthorized access, modification, and deletion.
1
Rule
Severity: Medium
The DataPower Gateway must protect audit tools from unauthorized access.
1
Rule
Severity: Medium
DB2 must protect its audit features from unauthorized access.
1
Rule
Severity: Medium
The IBM Aspera Console must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
The WebSphere Liberty Server must protect log tools from unauthorized access.
1
Rule
Severity: Medium
The WebSphere Application Server wsadmin file must be protected from unauthorized access.
1
Rule
Severity: Medium
CA VM:Secure product SECURITY CONFIG file must be restricted to appropriate personnel.
2
Rule
Severity: Medium
The Mainframe Product must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
The audit information produced by Azure SQL Database must be protected from unauthorized read access.
1
Rule
Severity: Medium
Audit tools used in, or in conjunction with, SQL Server must be protected from unauthorized access.
2
Rule
Severity: Medium
The network device must protect audit tools from unauthorized access.
1
Rule
Severity: Medium
Nutanix AOS audit tools must be configured to 0755 or less permissive.
1
Rule
Severity: Medium
Oracle WebLogic must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
Users requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.
2
Rule
Severity: High
The Riverbed NetProfiler must be configured to authenticate each administrator prior to authorizing privileges based on roles.
1
Rule
Severity: Medium
Riverbed Optimization System (RiOS) must protect audit tools from unauthorized access.
4
Rule
Severity: Medium
Splunk Enterprise installation directories must be secured.
1
Rule
Severity: Medium
The Tanium Server must protect audit tools from unauthorized access, modification, or deletion.
1
Rule
Severity: Medium
Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized access.
4
Rule
Severity: Medium
The Tanium application must prohibit user installation, modification, or deletion of software without explicit privileged status.
1
Rule
Severity: Medium
The Tanium application must prohibit user installation of software without explicit privileged status.
2
Rule
Severity: Medium
$CATALINA_HOME/bin folder permissions must be set to 750.
1
Rule
Severity: Medium
The macOS system must enable System Integrity Protection.
3
Rule
Severity: High
The macOS system must enable System Integrity Protection.
2
Rule
Severity: Medium
The macOS system must configure audit log files to not contain access control lists.
2
Rule
Severity: Medium
The macOS system must configure audit log folders to not contain access control lists.
3
Rule
Severity: Medium
The macOS system must configure audit log files to be owned by root.
3
Rule
Severity: Medium
The macOS system must configure audit log folders to be owned by root.
2
Rule
Severity: Medium
The macOS system must configure audit log files group to wheel.
2
Rule
Severity: Medium
The macOS system must configure audit log folders group to wheel.
3
Rule
Severity: Medium
The macOS system must configure audit log files to mode 440 or less permissive.
3
Rule
Severity: Medium
The macOS system must configure audit log folders to mode 700 or less permissive.
3
Rule
Severity: Medium
The macOS system must be configured to audit all deletions of object attributes.
3
Rule
Severity: Medium
The macOS system must be configured to audit all changes of object attributes.
3
Rule
Severity: Medium
The macOS system must configure audit_control group to wheel.
3
Rule
Severity: Medium
The macOS system must configure audit_control owner to root.
2
Rule
Severity: Medium
The macOS system must configure audit_control to mode 440 or less permissive.
2
Rule
Severity: Medium
The macOS system must configure audit_control to not contain access control lists.
3
Rule
Severity: High
The macOS system must ensure System Integrity Protection is enabled.
3
Rule
Severity: Medium
The Ubuntu operating system must configure audit tools with a mode of 0755 or less permissive.
3
Rule
Severity: Medium
The Ubuntu operating system must configure audit tools to be owned by root.
3
Rule
Severity: Medium
The Ubuntu operating system must configure the audit tools to be group-owned by root.
4
Rule
Severity: Medium
PostgreSQL must protect its audit features from unauthorized access.
2
Rule
Severity: Medium
The DBMS must protect its audit features from unauthorized access.
2
Rule
Severity: Medium
The container platform must protect audit tools from unauthorized access.
3
Rule
Severity: Medium
The EDB Postgres Advanced Server must protect its audit features from unauthorized access.
6
Rule
Severity: Medium
The operating system must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
AIX audit tools must be owned by root.
2
Rule
Severity: Medium
AIX audit tools must be group-owned by audit.
2
Rule
Severity: Medium
AIX audit tools must be set to 4550 or less permissive.
4
Rule
Severity: Medium
IBM z/OS must limit access for SMF collection files (i.e., SYS1.MANx) to appropriate users and/or batch jobs that perform SMF dump processing.
2
Rule
Severity: Medium
IBM z/OS SMF collection files (i.e., SYS1.MANx) access must be limited to appropriate users and/or batch jobs that perform SMF dump processing.
2
Rule
Severity: High
The ICS must be configured to prevent nonprivileged users from executing privileged functions.
2
Rule
Severity: Medium
The Juniper EX switch must be configured to protect audit tools from unauthorized access.
2
Rule
Severity: Medium
MarkLogic Server must protect its audit features from unauthorized access.
2
Rule
Severity: Medium
MariaDB must protect its audit features from unauthorized access.
3
Rule
Severity: Medium
MongoDB must protect its audit features from unauthorized access.
1
Rule
Severity: Medium
The DBMS must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
The system must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
OL 8 audit tools must have a mode of "0755" or less permissive.
2
Rule
Severity: Medium
OL 8 audit tools must be owned by root.
2
Rule
Severity: Medium
OL 8 audit tools must be group-owned by root.
2
Rule
Severity: Medium
The MySQL Database Server 8.0 must protect its audit features from unauthorized access.
2
Rule
Severity: Medium
Automation Controller's log files must be accessible by explicitly defined privilege.
2
Rule
Severity: Medium
Redis Enterprise DBMS must protect its audit features from unauthorized access.
2
Rule
Severity: Medium
OpenShift must prevent unauthorized changes to logon UIDs.
2
Rule
Severity: Medium
OpenShift must protect audit tools from unauthorized access.
2
Rule
Severity: Medium
RHEL 8 audit tools must have a mode of 0755 or less permissive.
2
Rule
Severity: Medium
RHEL 8 audit tools must be owned by root.
2
Rule
Severity: Medium
RHEL 8 audit tools must be group-owned by root.
2
Rule
Severity: Medium
RHEL 9 audit tools must have a mode of 0755 or less permissive.
4
Rule
Severity: Medium
The SUSE operating system audit tools must have the proper permissions configured to protect against unauthorized access.
2
Rule
Severity: Medium
RHEL 9 audit tools must be owned by root.
2
Rule
Severity: Medium
RHEL 9 audit tools must be group-owned by root.
2
Rule
Severity: Medium
RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.
2
Rule
Severity: Medium
The VMM must protect audit tools from unauthorized access.
1
Rule
Severity: Medium
The Photon operating system audit files and directories must have correct permissions.
1
Rule
Severity: Medium
VMware Postgres configuration files must not be accessible by unauthorized users.
3
Rule
Severity: Medium
The Photon operating system must protect audit tools from unauthorized access.
3
Rule
Severity: Medium
The vCenter PostgreSQL service configuration files must not be accessible by unauthorized users.
1
Rule
Severity: Medium
The BIG-IP appliance must be configured to protect audit tools from unauthorized access.
1
Rule
Severity: Medium
The BIG-IP Core implementation must be configured to protect audit tools from unauthorized access.
1
Rule
Severity: Medium
The macOS system must configure audit log files to not contain access control lists (ACLs).
1
Rule
Severity: Medium
The macOS system must configure the audit log folder to not contain access control lists (ACLs).
1
Rule
Severity: Medium
The macOS system must configure the audit log files group to wheel.
1
Rule
Severity: Medium
The macOS system must configure the audit log folders group to wheel.
1
Rule
Severity: Medium
The macOS system must be configured to audit all failed read actions on the system.
1
Rule
Severity: Medium
The macOS system must be configured to audit all failed write actions on the system.
1
Rule
Severity: Medium
The macOS system must configure audit_control owner to mode 440 or less permissive.
1
Rule
Severity: Medium
The macOS system must configure audit_control to not contain access control lists (ACLs).
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must configure audit tools with a mode of "755" or less permissive.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must configure audit tools to be owned by "root".
1
Rule
Severity: Medium
SLEM 5 audit tools must have the proper permissions configured to protect against unauthorized access.
1
Rule
Severity: Medium
SLEM 5 audit tools must have the proper permissions applied to protect against unauthorized access.
1
Rule
Severity: Medium
TOSS audit tools must be owned by "root".
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules
66%