Ensure Encryption of Data at Rest Details Encryption of data at rest must be enabled to ensure compliance with security and privacy standards including HIPAA, PCI-DSS,...
Ensure Federal Information Processing Standard (FIPS) is enabled Details The Federal Information Processing Standard (FIPS) is a computer security standard used to certify software modules and libraries that...
Ensure legacy TLS protocols are disabled Details Only modern TLS protocols should be enabled in MongoDB for all client connections and upstream connections. Removing legacy TLS...
Ensure that audit filters are configured properly Details MongoDB Enterprise supports auditing of various operations. When enabled, the audit facility, by default, records all auditable operations as...
Ensure that logging captures as much information as possible Details The SystemLog.quiet option stops logging of information such as: connection events, authentication events, replication sync activities, evidence of some...
Ensure that new entries are appended to the end of the log file Details By default, new log entries will overwrite old entries after a restart of the mongod or mongos service. Enabling...
Ensure that operating system resource limits are set for MongoDB Details Operating systems provide ways to limit and control the usage of system resources such as threads, files, and network...
Ensure that server-side scripting is disabled if not needed Details MongoDB supports the execution of JavaScript code for certain server-side operations: mapReduce, group, $where, $accumulator, and $function aggregation operations...