Disable Automounting
Details autofs allows automatic mounting of devices, typically including CD/DVDs and USB drives. Rationale: With automounting enabled anyone with physical...
- Home
- Security Hardening
- CIS Ubuntu Linux 20.04 LTS Workstation L2 V1.1.0
CIS Ubuntu Linux 20.04 LTS Workstation L2 V1.1.0
Disable IPv6
Details Although IPv6 has many advantages over IPv4, not all organizations have IPv6 or dual stack configurations implemented. Rationale: If...Disable USB Storage – lsmod
Details USB storage provides a means to transfer and store files insuring persistence and availability of the files independent of...Disable USB Storage – modprobe
Details USB storage provides a means to transfer and store files insuring persistence and availability of the files independent of...Ensure all AppArmor Profiles are enforcing – complain
Details AppArmor profiles define what resources applications are able to access. Rationale: Security configuration requirements vary from site to site....Ensure all AppArmor Profiles are enforcing – loaded
Details AppArmor profiles define what resources applications are able to access. Rationale: Security configuration requirements vary from site to site....Ensure all AppArmor Profiles are enforcing – unconfined
Details AppArmor profiles define what resources applications are able to access. Rationale: Security configuration requirements vary from site to site....Ensure audit_backlog_limit is sufficient
Details The backlog limit has a default setting of 64 Rationale: during boot if audit=1, then the backlog will hold...Ensure auditd is installed
Details auditd is the userspace component to the Linux Auditing System. It’s responsible for writing audit records to the disk...Ensure auditd service is enabled
Details Enable and start the auditd daemon to record system events. Rationale: The capturing of system events provides system administrators...