Ensure auditd service is enabled
Details The capturing of system events provides system administrators with information to allow them to determine if unauthorized access to...
- Home
- Security Hardening
- CIS Amazon Linux V2.1.0 L2
CIS Amazon Linux V2.1.0 L2
Ensure auditing for processes that start prior to auditd is enabled
Details Audit events need to be captured on processes that start up prior to auditd, so that potential malicious activity...Ensure audit logs are not automatically deleted
Details In high security contexts, the benefits of maintaining a long audit history exceed the cost of storing the audit...Ensure audit log storage size is configured
Details It is important that an appropriate size is determined for log files so that they do not impact the...Ensure events that modify date and time information are collected – adjtimex
Details Unexpected changes in system date and/or time could be a sign of malicious activity on the system. Solution For...Ensure events that modify date and time information are collected – auditctl adjtimex
Details Unexpected changes in system date and/or time could be a sign of malicious activity on the system. Solution For...Ensure events that modify date and time information are collected – auditctl clock_settime b32
Details Unexpected changes in system date and/or time could be a sign of malicious activity on the system. Solution For...Ensure events that modify date and time information are collected – auditctl clock_settime b64
Details Unexpected changes in system date and/or time could be a sign of malicious activity on the system. Solution For...Ensure events that modify date and time information are collected – auditctl localtime
Details Unexpected changes in system date and/or time could be a sign of malicious activity on the system. Solution For...Ensure events that modify date and time information are collected – auditctl time-change
Details Unexpected changes in system date and/or time could be a sign of malicious activity on the system. Solution For...