Operating System Auditing

Tenable Nessus can perform configuration scans of Unix and Windows servers to test for specific policy settings. Supported configuration audit policies include, but are not limited to:

• Anti-Virus Vendor Audits
• CERT recommendations
• CIS best practice guides
• DISA STIGs
• GLBA guidelines
• HIPAA profiles
• NIST SCAP and FDCC content
• NSA best practice guides
• PCI configuration requirements
• Recommended vendor settings

The types of configuration audits performed by Tenable Nessus include Windows user policies, file permissions, registry permissions, service permissions and specific security policies such as Kerberos and event auditing policies. Windows tests can also include custom WMI queries and scanning for computers that have been infected with viruses and malware. For Unix systems, user policies, file permissions, running processes and file content checks can be audited. Combinations of each of these types of audits can be combined to perform tests against thousands of files, registry settings, users and so on.