Ensure an industry standard authentication mechanism is used – authenticationMechanisms
Details Using one or more industry standard authentication mechanisms helps organizations enforce their account and password policies for their MongoDB...
- Home
- Security Hardening
- CIS MongoDB 3.2 L2 Unix V1.0.0
CIS MongoDB 3.2 L2 Unix V1.0.0
Ensure an industry standard authentication mechanism is used – authorization
Details Using one or more industry standard authentication mechanisms helps organizations enforce their account and password policies for their MongoDB...Ensure an industry standard authentication mechanism is used – clusterAuthMode
Details Using one or more industry standard authentication mechanisms helps organizations enforce their account and password policies for their MongoDB...Ensure an industry standard authentication mechanism is used – mode
Details Using one or more industry standard authentication mechanisms helps organizations enforce their account and password policies for their MongoDB...Ensure that logging captures as much information as possible
Details The SystemLog.quiet option stops logging of information such as: connection events authentication events replication sync activities evidence of some...Ensure that new entries are appended to the end of the log file
Details By default, new log entries will overwrite old entries after a restart of the mongod or Mongols service. Enabling...Ensure that operating system resource limits are set for MongoDB
Details Operating systems provide ways to limit and control the usage of system resources such as threads, files, and network...Ensure that server-side scripting is disabled if not needed
Details MongoDB supports the execution of JavaScript code for certain server-side operations: mapReduce, group, and $where. If you do not...