| WN11-CC-000066 |
V2R2 |
Command line data must be included in process creation events. |
|
| WN11-CC-000326 |
V2R2 |
PowerShell script block logging must be enabled on Windows 11. |
|
| WN10-CC-000066 |
V3R2 |
Command line data must be included in process creation events. |
|
| WN10-CC-000326 |
V3R2 |
PowerShell script block logging must be enabled on Windows 10. |
|
| WN19-CC-000090 |
V3R2 |
Windows Server 2019 command line data must be included in process creation events. |
|
| WN19-CC-000460 |
V3R2 |
Windows Server 2019 PowerShell script block logging must be enabled. |
|
| WN16-CC-000100 |
V2R7 |
Command line data must be included in process creation events. |
|
| WN16-CC-000490 |
V2R7 |
PowerShell script block logging must be enabled. |
|
| WN22-CC-000090 |
V1R4 |
Windows Server 2022 command line data must be included in process creation events. |
|
| WN22-CC-000460 |
V1R4 |
Windows Server 2022 PowerShell script block logging must be enabled. |
|
| RHEL-07-030630 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the passwd command. |
|
| RHEL-07-030640 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the unix_chkpwd command. |
|
| RHEL-07-030650 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the gpasswd command. |
|
| RHEL-07-030660 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the chage command. |
|
| RHEL-07-030670 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the userhelper command. |
|
| RHEL-07-030740 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the mount command and syscall. |
|
| RHEL-07-030750 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the umount command. |
|
| RHEL-07-030760 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the postdrop command. |
|
| RHEL-07-030770 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the postqueue command. |
|
| RHEL-07-030780 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the ssh-keysign command. |
|
| RHEL-07-030800 |
V3R6 |
The Red Hat Enterprise Linux operating system must audit all uses of the crontab command. |
|
| OL08-00-020240 |
V1R3 |
OL 8 duplicate User IDs (UIDs) must not exist for interactive users. |
|
| OL07-00-030630 |
V2R11 |
The Oracle Linux operating system must audit all uses of the passwd command. |
|
| OL07-00-030640 |
V2R11 |
The Oracle Linux operating system must audit all uses of the unix_chkpwd command. |
|
| OL07-00-030650 |
V2R11 |
The Oracle Linux operating system must audit all uses of the gpasswd command. |
|
| OL07-00-030660 |
V2R11 |
The Oracle Linux operating system must audit all uses of the chage command. |
|
| OL07-00-030670 |
V2R11 |
The Oracle Linux operating system must audit all uses of the userhelper command. |
|
| OL07-00-030740 |
V2R11 |
The Oracle Linux operating system must audit all uses of the mount command and syscall. |
|
| OL07-00-030750 |
V2R11 |
The Oracle Linux operating system must audit all uses of the umount command. |
|
| OL07-00-030760 |
V2R11 |
The Oracle Linux operating system must audit all uses of the postdrop command. |
|
| OL07-00-030770 |
V2R11 |
The Oracle Linux operating system must audit all uses of the postqueue command. |
|
| OL07-00-030780 |
V2R11 |
The Oracle Linux operating system must audit all uses of the ssh-keysign command. |
|
| OL07-00-030800 |
V2R11 |
The Oracle Linux operating system must audit all uses of the crontab command. |
|