CCI-001494
Protect audit tools from unauthorized modification.
20
Rule
Severity: High
Verify and Correct File Permissions with RPM
15
Rule
Severity: High
Verify and Correct Ownership with RPM
6
Rule
Severity: Medium
Audit Tools Must Be Group-owned by Root
6
Rule
Severity: Medium
Audit Tools Must Be Owned by Root
9
Rule
Severity: Medium
Verify that audit tools are owned by group root
9
Rule
Severity: Medium
Verify that audit tools are owned by root
9
Rule
Severity: Medium
Verify that audit tools Have Mode 0755 or less
2
Rule
Severity: Medium
Verify Permissions of Local Logs of audit Tools
2
Rule
Severity: Medium
The ALG must protect audit tools from unauthorized modification.
2
Rule
Severity: Medium
The application server must protect log tools from unauthorized modification.
2
Rule
Severity: Medium
The application must protect audit tools from unauthorized modification.
2
Rule
Severity: Medium
The Central Log Server must protect audit tools from unauthorized modification.
1
Rule
Severity: Medium
The FortiGate device must protect audit tools from unauthorized modification.
1
Rule
Severity: Medium
The HYCU server must protect audit tools from unauthorized access, modification, and deletion.
1
Rule
Severity: Medium
The DataPower Gateway must protect audit tools from unauthorized modification.
1
Rule
Severity: Medium
DB2 must protect its audit configuration from unauthorized modification.
1
Rule
Severity: Medium
The IBM Aspera Console feature audit tools must be protected from unauthorized modification or deletion.
1
Rule
Severity: Medium
The WebSphere Application Server wsadmin file must be protected from unauthorized modification.
1
Rule
Severity: Medium
The IBM z/VM AUDT and Journal Mini Disks must be restricted to the appropriate system administrators.
2
Rule
Severity: Medium
The Mainframe Product must protect audit tools from unauthorized modification.
2
Rule
Severity: Medium
The audit information produced by Azure SQL Database must be protected from unauthorized deletion.
1
Rule
Severity: Medium
SQL Server and/or the operating system must protect its audit configuration from unauthorized modification.
2
Rule
Severity: Medium
The network device must protect audit tools from unauthorized modification.
1
Rule
Severity: Medium
Nutanix AOS audit tools must be owned by root.
1
Rule
Severity: Medium
Oracle WebLogic must protect audit tools from unauthorized modification.
2
Rule
Severity: High
The Riverbed NetProfiler must be configured to authenticate each administrator prior to authorizing privileges based on roles.
4
Rule
Severity: Medium
Splunk Enterprise installation directories must be secured.
1
Rule
Severity: Medium
The Tanium Server must protect audit tools from unauthorized access, modification, or deletion.
1
Rule
Severity: Medium
Symantec ProxySG must protect the Web Management Console, SSH, and command line interface (CLI) from unauthorized modification.
4
Rule
Severity: Medium
The Tanium application must prohibit user installation, modification, or deletion of software without explicit privileged status.
1
Rule
Severity: Medium
The Tanium application must prohibit user installation of software without explicit privileged status.
2
Rule
Severity: Medium
$CATALINA_HOME/bin folder permissions must be set to 750.
1
Rule
Severity: Medium
The macOS system must enable System Integrity Protection.
3
Rule
Severity: High
The macOS system must enable System Integrity Protection.
2
Rule
Severity: Medium
The macOS system must configure audit log files to not contain access control lists.
2
Rule
Severity: Medium
The macOS system must configure audit log folders to not contain access control lists.
3
Rule
Severity: Medium
The macOS system must enable security auditing.
3
Rule
Severity: Medium
The macOS system must configure audit log files to be owned by root.
3
Rule
Severity: Medium
The macOS system must configure audit log folders to be owned by root.
2
Rule
Severity: Medium
The macOS system must configure audit log files group to wheel.
2
Rule
Severity: Medium
The macOS system must configure audit log folders group to wheel.
3
Rule
Severity: Medium
The macOS system must configure audit log files to mode 440 or less permissive.
3
Rule
Severity: Medium
The macOS system must configure audit log folders to mode 700 or less permissive.
3
Rule
Severity: Medium
The macOS system must be configured to audit all deletions of object attributes.
3
Rule
Severity: Medium
The macOS system must be configured to audit all changes of object attributes.
3
Rule
Severity: Medium
The macOS system must configure audit_control group to wheel.
3
Rule
Severity: Medium
The macOS system must configure audit_control owner to root.
2
Rule
Severity: Medium
The macOS system must configure audit_control to mode 440 or less permissive.
2
Rule
Severity: Medium
The macOS system must configure audit_control to not contain access control lists.
3
Rule
Severity: High
The macOS system must ensure System Integrity Protection is enabled.
3
Rule
Severity: Medium
The Ubuntu operating system must configure audit tools with a mode of 0755 or less permissive.
2
Rule
Severity: Medium
The Ubuntu operating system must configure audit tools to be owned by root.
2
Rule
Severity: Medium
The Ubuntu operating system must configure the audit tools to be group-owned by root.
4
Rule
Severity: Medium
PostgreSQL must protect its audit configuration from unauthorized modification.
2
Rule
Severity: Medium
The DBMS must protect its audit configuration from unauthorized modification.
2
Rule
Severity: Medium
The container platform must protect audit tools from unauthorized modification.
3
Rule
Severity: Medium
The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification.
6
Rule
Severity: Medium
The operating system must protect audit tools from unauthorized modification.
2
Rule
Severity: Medium
AIX audit tools must be owned by root.
2
Rule
Severity: Medium
AIX audit tools must be group-owned by audit.
2
Rule
Severity: Medium
AIX audit tools must be set to 4550 or less permissive.
4
Rule
Severity: Medium
IBM z/OS must limit access for SMF collection files (i.e., SYS1.MANx) to appropriate users and/or batch jobs that perform SMF dump processing.
2
Rule
Severity: Medium
IBM z/OS SMF collection files (i.e., SYS1.MANx) access must be limited to appropriate users and/or batch jobs that perform SMF dump processing.
2
Rule
Severity: Medium
MarkLogic Server must protect its audit configuration from unauthorized modification.
2
Rule
Severity: Medium
MariaDB must protect its audit configuration from unauthorized modification.
3
Rule
Severity: Medium
MongoDB must protect its audit features from unauthorized access.
2
Rule
Severity: Medium
SQL Server must protect its audit configuration from authorized and unauthorized access and modification.
2
Rule
Severity: Medium
Event Viewer must be protected from unauthorized modification and deletion.
2
Rule
Severity: Medium
Windows Server 2019 Event Viewer must be protected from unauthorized modification and deletion.
2
Rule
Severity: Medium
Windows Server 2022 Event Viewer must be protected from unauthorized modification and deletion.
1
Rule
Severity: Medium
The DBMS must protect audit tools from unauthorized modification.
2
Rule
Severity: Medium
The system must protect audit tools from unauthorized modification.
2
Rule
Severity: Medium
OL 8 audit tools must be owned by root.
2
Rule
Severity: Medium
OL 8 audit tools must be group-owned by root.
2
Rule
Severity: Medium
The MySQL Database Server 8.0 must protect its audit configuration from unauthorized modification.
2
Rule
Severity: Medium
Automation Controller's log files must be accessible by explicitly defined privilege.
2
Rule
Severity: Medium
Redis Enterprise DBMS must protect its audit configuration from unauthorized modification.
2
Rule
Severity: Medium
OpenShift must protect audit tools from unauthorized access.
1
Rule
Severity: High
The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values.
4
Rule
Severity: Medium
The SUSE operating system audit tools must have the proper permissions configured to protect against unauthorized access.
2
Rule
Severity: Medium
RHEL 9 must use cryptographic mechanisms to protect the integrity of audit tools.
2
Rule
Severity: Medium
The VMM must protect audit tools from unauthorized modification.
4
Rule
Severity: Medium
The ESXi host must implement Secure Boot enforcement.
1
Rule
Severity: Medium
The Photon operating system must protect audit tools from unauthorized modification and deletion.
1
Rule
Severity: Medium
VMware Postgres configuration files must not be accessible by unauthorized users.
3
Rule
Severity: Medium
The Photon operating system must protect audit tools from unauthorized access.
3
Rule
Severity: Medium
The vCenter PostgreSQL service configuration files must not be accessible by unauthorized users.
1
Rule
Severity: Medium
The BIG-IP Core implementation must be configured to protect audit tools from unauthorized modification.
1
Rule
Severity: Medium
The BIG-IP Core implementation must be configured to activate a session lock to conceal information previously visible on the display for connections to virtual servers.
1
Rule
Severity: Medium
The macOS system must configure audit log files to not contain access control lists (ACLs).
1
Rule
Severity: Medium
The macOS system must configure the audit log folder to not contain access control lists (ACLs).
1
Rule
Severity: Medium
The macOS system must configure the audit log files group to wheel.
1
Rule
Severity: Medium
The macOS system must configure the audit log folders group to wheel.
1
Rule
Severity: Medium
The macOS system must be configured to audit all failed read actions on the system.
1
Rule
Severity: Medium
The macOS system must be configured to audit all failed write actions on the system.
1
Rule
Severity: Medium
The macOS system must configure audit_control owner to mode 440 or less permissive.
1
Rule
Severity: Medium
The macOS system must configure audit_control to not contain access control lists (ACLs).
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must configure audit tools with a mode of "755" or less permissive.
1
Rule
Severity: Medium
Ubuntu 22.04 LTS must configure audit tools to be owned by "root".
1
Rule
Severity: Medium
SLEM 5 audit tools must have the proper permissions configured to protect against unauthorized access.
1
Rule
Severity: Medium
TOSS audit tools must be owned by "root".