检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
On the displayed slide-out panel on the right, you can view the audit description, suggestion, and affected images of the check item. Password Complexity Policy Risks Check Affected Images and Policy Risks, and modify your password complexity policies based on Suggestion.
On the displayed slide-out panel on the right, you can view the audit description, suggestion, and affected images of the check item. Password Complexity Policy Risks Check Affected Images and Policy Risks, and modify your password complexity policies based on Suggestion.
Rule: Use the MySQL audit plug-in. Viewing Baseline Check Overview Information Log in to the management console. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
Example: administrators, database users, audit users Open Control Panel. Click Administrative Tools. Open Computer Management. Choose System Tools > Local Users and Groups. Create users and groups as needed. Periodically check and delete unnecessary accounts.
166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 apiVersion: v1 kind: Namespace metadata: labels: admission.gatekeeper.sh/ignore: no-self-managing control-plane: controller-manager gatekeeper.sh/system: "yes" pod-security.kubernetes.io/audit
In the row of a baseline item, click View Details in the Operation column to view the check item description, audit description, and suggestions. You can fix the baseline items that failed to pass the check based on the suggestions.
AUDIT_READ Allow reading audit logs via multicast netlink socket. BLOCK_SUSPEND Allow suspension prevention. BPF Allow creating BPF maps, loading BPF Type Format (BTF) data, retrieve JITED code of BPF programs, and more.
Example: administrators, database users, audit users Open Control Panel. Click Administrative Tools. Open Computer Management. Choose System Tools > Local Users and Groups. Create users and groups as needed. Periodically check and delete unnecessary accounts.
Table 26 Container audit Function Description Basic Edition Professional Edition Enterprise Edition Premium Edition WTP Edition Container Edition Container audit Keep track of the operations and activities in your container clusters, gaining insight into every phase of the container
enterprise_project_id=xxx Example Responses Status code: 200 Request succeeded. { "total_num" : 1, "data_list" : [ { "check_name" : "Docker", "check_rule_num" : 25, "check_type" : "Docker", "check_type_desc" : "Configuring security audit of Docker's host configurations
Check Whether the Audit Login Is Successful After this function is enabled, HSS reports successful logins. : enabled : disabled Block Non-whitelisted Attack IP Address After this function is enabled, HSS blocks the login of brute force IP addresses (non-whitelisted IP addresses).
HSS Operations Supported by CTS Cloud Trace Service (CTS) records all operations on HSS, including requests initiated from the management console or open APIs and responses to the requests, for tenants to query, audit, and trace. Table 1 provides more details.
Linux system configurations: iptables rules Windows system configurations: Firewall rules System login event audit policy and the configuration of login security layer and authentication mode Windows Remote Management trusted server list Restrictions on Brute-force Attack Defense
