CIS MongoDB 3.4 L1 Unix V1.0.0

Details Authentication is enabled in a sharded cluster when keyfiles are created and configured for all components. This ensures that...

Details The Federal Information Processing Standard (FIPS) is a computer security standard used to certify software modules and libraries that...

Details MongoDB Enterprise supports auditing of various operations. When enabled, the audit facility, by default, records all auditable operations as...

Details This setting ensures that all clients, users, and/or servers are required to authenticate prior to being granted access to...

Details MongoDB database files need to be protected using file permissions. Rationale: This will restrict unauthorized users from accessing the...

Details The key file is used for authentication in the sharded cluster. Implementing proper file permissions on the key file...

Details MongoDB should not be set to bypass authentication via the localhost exception. The localhost exception allows you to enable...

Details The MongoDB service should not be run using a privileged account such as ‘root’ because this unnecessarily exposes the...

Details Ensuring that MongoDB runs in a trusted network environment involves limiting the network interfaces on which MongoDB instances listen...

Details Changing the port used by MongoDB makes it harder for attackers to find the database and target it. Rationale:...