BigFix Compliance: Updated CIS Checklist for AIX 7.1, published 2022-03-21

Product:
BigFix Compliance

Title:
Updated CIS Checklist for AIX 7.1 to support more recent version of benchmark

Security Benchmark:
CIS IBM AIX 7.1 Benchmark, v2.0.0

Published Sites:
CIS Checklist for AIX 7_1 RG03, site version 17
(The site version is provided for air-gap customers.)

Details:
Release Notes
Most checks have been renamed and some have been combined into one. Here is a list of renumbering’s along with any changes:
#old new notes

• CIS-4.12.15 CIS-3.1.1.1 All users including system users must now have a password set.

• CIS-3.1.8 CIS-3.1.2.1 The histexpire is now 26.

• CIS-3.2.7 CIS-3.1.2.3 The loginretries is now 5.

• CIS-3.1.10 CIS-3.1.2.5 THe maxexpired is now 4.

• CIS-3.1.7 CIS-3.1.2.6 THe maxrepeats is now 4.

• CIS-3.1.2 CIS-3.1.2.7 The minage is now 0.

• CIS-3.1.4 CIS-3.1.2.11 The minlen is now 14.

• CIS-4.12.6 CIS-3.3.1.1 Also check lssrc.

• CIS-4.5.3 CIS-3.3.5.2 Also check nodev.

• CIS-4.5.6 CIS-3.3.5.5 Check anon=-1.

• CIS-4.2.15 CIS-3.6.2.12 There is a new list of ciphers.

• CIS-4.4.8 CIS-3.6.1.10 Now perms should be 644.

• CIS-4.12.10 CIS-3.6.6.1 The umask is now 027.

• CIS-4.11.20 CIS-3.6.8.1.1 Also check group writeable and owner.

• CIS-3.7.6.1 CIS-3.6.8.2.1 Also allow bin owner.

• CIS-4.2.2 CIS-3.6.2.2 Also allow prohibit-password and forced-commands-only.

• CIS-4.12.16 CIS-3.1.1.2

• CIS-4.12.17 CIS-3.1.1.3

• CIS-3.1.9 CIS-3.1.2.2

• CIS-3.1.3 CIS-3.1.2.4

• CIS-3.1.5 CIS-3.1.2.8

• CIS-3.1.1 CIS-3.1.2.9

• CIS-3.1.13 CIS-3.1.2.10

• CIS-3.1.11 CIS-3.1.2.12

• CIS-3.1.6 CIS-3.1.2.13

• CIS-3.1.14 CIS-3.1.2.14

• CIS-3.1.12 CIS-3.1.2.15

• CIS-3.2.1.4 CIS-3.1.3.1

• CIS-3.2.1.2 CIS-3.1.3.2

• CIS-3.2.1.1 CIS-3.1.3.3

• CIS-3.2.1.3 CIS-3.1.3.8

• CIS-3.2.1.5 CIS-3.1.3.6

• CIS-3.2.1.6 CIS-3.1.3.9

• CIS-3.2.1.7 CIS-3.1.3.5

• CIS-4.12.9 CIS-3.1.3.10

• CIS-4.12.14 CIS-3.2.6

• CIS-3.3.1 CIS-3.3.1.4

• CIS-3.3.17 CIS-3.3.2.18

• CIS-3.3.36 CIS-3.3.4.2

• CIS-3.3.26 CIS-3.3.4.4

• CIS-3.3.37 CIS-3.3.4.5

• CIS-3.3.39 CIS-3.3.4.6

• CIS-3.3.25 CIS-3.3.4.7

• CIS-3.3.51 CIS-3.3.4.8

• CIS-3.3.35 CIS-3.3.4.9

• CIS-3.3.49 CIS-3.3.4.10

• CIS-3.3.52 CIS-3.3.4.11

• CIS-3.3.45 CIS-3.3.4.12

• CIS-3.3.46 CIS-3.3.4.13

• CIS-3.3.34 CIS-3.3.4.16

• CIS-3.3.40 CIS-3.3.4.17

• CIS-3.3.50 CIS-3.3.4.18

• CIS-3.3.47 CIS-3.3.4.20

• CIS-3.3.41 CIS-3.3.4.21

• CIS-3.3.42 CIS-3.3.4.22

• CIS-3.3.43 CIS-3.3.4.23

• CIS-3.3.27 CIS-3.3.4.24

• CIS-3.3.44 CIS-3.3.4.25

• CIS-3.3.33 CIS-3.3.4.27

• CIS-3.3.24 CIS-3.3.4.28

• CIS-3.3.31 CIS-3.3.4.30

• CIS-3.3.30 CIS-3.3.4.31

• CIS-4.5.4 CIS-3.3.5.3

• CIS-3.6.10 CIS-3.4.1

• CIS-3.6.3 CIS-3.4.2

• CIS-3.6.8 CIS-3.4.3

• CIS-3.6.11 CIS-3.4.4

• CIS-3.6.5 CIS-3.4.5

• CIS-3.6.2 CIS-3.4.6

• CIS-3.6.6 CIS-3.4.7

• CIS-3.6.1 CIS-3.4.8

• CIS-3.6.13 CIS-3.4.9

• CIS-3.6.4 CIS-3.4.10

• CIS-3.6.7 CIS-3.4.11

• CIS-3.6.21 CIS-3.4.12

• CIS-3.6.14 CIS-3.4.13

• CIS-3.6.16 CIS-3.4.14

• CIS-3.6.9 CIS-3.4.15

• CIS-3.6.15 CIS-3.4.16

• CIS-3.6.12 CIS-3.4.17

• CIS-3.7.7 CIS-3.5.2

• CIS-4.12.20 CIS-3.6.11

• CIS-4.12.19 CIS-3.6.12

• CIS-4.2.5.1 CIS-3.6.2.3

• CIS-4.2.6 CIS-3.6.2.4

• CIS-4.2.7 CIS-3.6.2.5

• CIS-4.2.8 CIS-3.6.2.6

• CIS-4.2.11 CIS-3.6.2.8

• CIS-4.2.12 CIS-3.6.2.9

• CIS-4.2.13 CIS-3.6.2.11

• CIS-4.2.16 CIS-3.6.2.13

• CIS-4.3.1 CIS-3.6.3.1

• CIS-4.3.2 CIS-3.6.3.2

• CIS-4.3.3 CIS-3.6.3.3

• CIS-3.2.5 CIS-3.6.4.1

• CIS-3.2.6 CIS-3.6.4.2

• CIS-3.7.4 CIS-3.6.4.3

• CIS-3.1.15 CIS-3.6.4.4

• CIS-3.7.3 CIS-3.6.6.3

• CIS-4.11.5 CIS-3.6.8.1.3

• CIS-4.11.1 CIS-3.6.8.1.4

• CIS-4.11.4 CIS-3.6.8.1.5

• CIS-4.11.12 CIS-3.6.8.1.6

• CIS-4.11.17 CIS-3.6.8.1.7

• CIS-4.11.8 CIS-3.6.8.1.8

• CIS-4.11.6 CIS-3.6.8.2.3

• CIS-4.11.2 CIS-3.6.8.2.4

• CIS-3.3.53 CIS-3.6.8.2.5

• CIS-4.12.12.2 CIS-3.6.8.2.6

• CIS-4.11.3 CIS-3.6.8.2.7

• CIS-4.2.19 CIS-3.6.8.2.8

• CIS-4.2.18 CIS-3.6.8.2.9

• CIS-4.11.9 CIS-3.6.8.2.10

• CIS-4.11.10 CIS-3.6.8.2.11

• CIS-4.11.13 CIS-3.6.8.2.12

• CIS-4.11.7 CIS-3.6.8.2.13

• CIS-4.11.14 CIS-3.6.8.2.14

• CIS-4.11.15 CIS-3.6.8.2.15

• CIS-4.11.16 CIS-3.6.8.2.16

• CIS-3.7.2 CIS-3.2.5

• CIS-3.7.1 CIS-3.2.7

• CIS-3.3.4 CIS-3.3.1.2

• CIS-3.3.3 CIS-3.3.1.3

• CIS-3.3.5 CIS-3.3.1.5

• CIS-3.3.21 CIS-3.3.2.2

• CIS-3.3.8 CIS-3.3.2.3

• CIS-3.3.9 CIS-3.3.2.4

• CIS-3.3.10 CIS-3.3.2.5

• CIS-3.3.18 CIS-3.3.2.6

• CIS-3.3.12 CIS-3.3.2.7

• CIS-3.3.13 CIS-3.3.2.10

• CIS-3.3.14 CIS-3.3.2.11

• CIS-3.3.15 CIS-3.3.2.13

• CIS-3.3.16 CIS-3.3.2.14

• CIS-3.3.6 CIS-3.3.2.15

• CIS-3.3.7 CIS-3.3.2.16

• CIS-3.3.20 CIS-3.3.2.17

• CIS-3.3.11 CIS-3.3.3.1

• CIS-3.3.22 CIS-3.3.3.2

• CIS-3.3.23 CIS-3.3.3.3

• CIS-4.5.2 CIS-3.3.5.1

• CIS-4.4.1 CIS-3.6.1.1

• CIS-3.3.28 CIS-3.6.1.2

• CIS-3.3.38 CIS-3.6.1.4

• CIS-4.4.4 CIS-3.6.1.6

• CIS-3.5.2 CIS-3.6.5.4

• CIS-4.6.1 CIS-3.6.5.1.1

• CIS-4.6.2 CIS-3.6.5.1.2

• CIS-4.6.4 CIS-3.6.5.1.4

• CIS-4.7.1 CIS-3.6.5.2.1

• CIS-4.7.2 CIS-3.6.5.2.2

• CIS-4.7.3 CIS-3.6.5.2.3

• CIS-4.7.4 CIS-3.6.5.2.4

• CIS-4.7.4 CIS-3.6.5.2.5

• CIS-4.1.2.1 CIS-3.7.1.2

• CIS-4.1.3 CIS-3.7.1.3

• CIS-4.11.18 CIS-3.6.8.2.2

Actions to take:

• To subscribe to the above site, you can use the License Overview Dashboard to enable and gather the site. Note that you must be entitled to the BigFix Compliance product and you must be using BigFix version 9.2 and later.

• If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see https://help.hcltechsw.com/bigfix/10.0/compliance/Compliance/SCM_Users_Guide/c_using_synchronize_custom_checks_wiz.html

More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:

• BigFix Forum:
  https://forum.bigfix.com/c/release-announcements/compliance
• BigFix Compliance SCM Checklists:
  https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists

We hope you find this latest release of SCM content useful and effective. Thank you!
– The BigFix Compliance team