Ensure that MongoDB does not bypass authentication via the localhost exception
Details MongoDB should not be set to bypass authentication via the localhost exception. The localhost exception allows the user to...
- Home
- Security Hardening
- CIS MongoDB 4 L1 OS Windows V1.0.0
CIS MongoDB 4 L1 OS Windows V1.0.0
Ensure that MongoDB does not bypass authentication via the localhost exception
Details MongoDB should not be set to bypass authentication via the localhost exception. The localhost exception allows the user to...Ensure that MongoDB is run using a non-privileged, dedicated service account
Details The MongoDB service should not be run using a privileged account such as ‘root’ because this unnecessarily exposes the...Ensure that MongoDB is run using a non-privileged, dedicated service account
Details The MongoDB service should not be run using a privileged account such as ‘root’ because this unnecessarily exposes the...Ensure that MongoDB uses a non-default port
Details Changing the default port used by MongoDB makes it harder for attackers to find the database and target it....Ensure that MongoDB uses a non-default port
Details Changing the default port used by MongoDB makes it harder for attackers to find the database and target it....Ensure that system activity is audited
Details Track access and changes to database configurations and data. MongoDB Enterprise includes a system auditing facility that can record...Ensure that system activity is audited
Details Track access and changes to database configurations and data. MongoDB Enterprise includes a system auditing facility that can record...Ensure Weak Protocols are Disabled
Details Servers can be configured to disable specific TLS/SSL protocol versions which may be vulnerable to exploitation and/or lack features...Ensure Weak Protocols are Disabled
Details Servers can be configured to disable specific TLS/SSL protocol versions which may be vulnerable to exploitation and/or lack features...