Control: Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.03 - Defender Plan: Servers > 8.01.03.05 - Ensure that 'File Integrity Monitoring' component status is set to 'On'
Configures auditing against a CIS Benchmark item.
Level: 2
File Integrity Monitoring (FIM) is a feature that monitors critical system files in Windows or Linux for potential signs of attack or compromise.
FIM provides a detection mechanism for compromised files. When FIM is enabled, critical system files are monitored for changes that might indicate a threat actor is attempting to modify system files for lateral compromise within a host operating system.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v5.0 > Maximum Attestation Duration
- Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.03 - Defender Plan: Servers > 8.01.03.05 - Ensure that 'File Integrity Monitoring' component status is set to 'On' > Attestation
- Azure > CIS v5.0
- Azure > CIS v5.0 > 8 - Security Services > 8.01 - Microsoft Defender for Cloud > 8.01.03 - Defender Plan: Servers > 8.01.03.05 - Ensure that 'File Integrity Monitoring' component status is set to 'On'
- Azure > CIS v5.0 > 8 - Security Services
- Azure > CIS v5.0 > 8 - Security Services > Maximum Attestation Duration
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv5-0#/control/types/r08010305
- tmod:@turbot/cis#/control/categories/v070301
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r08010305"
Get Controls
Control Type URI
Category URI
GraphQL
CLI