This Control directly supports the implied Control(s):
Establish, implement, and maintain system hardening procedures., CC ID: 12001
This Control has the following implementation support Control(s):
Configure the "autolock" argument to organizational standards., CC ID: 14547
Configure the "COPY" instruction to organizational standards., CC ID: 14515
Configure the "memory" argument to organizational standards., CC ID: 14497
Configure the "docker0" bridge to organizational standards., CC ID: 14504
Configure the "docker exec commands" to organizational standards., CC ID: 14502
Configure the "health-cmd" argument to organizational standards., CC ID: 14527
Configure the "HEALTHCHECK" to organizational standards., CC ID: 14511
Configure the maximum number of images to organizational standards., CC ID: 14545
Configure the minimum number of manager nodes to organizational standards., CC ID: 14543
Configure the "on-failure" restart policy to organizational standards., CC ID: 14542
Configure the maximum number of containers to organizational standards., CC ID: 14540
Configure the "lifetime_minutes" to organizational standards., CC ID: 14539
Configure the "Linux kernel capabilities" to organizational standards., CC ID: 14531
Configure the "Docker socket" to organizational standards., CC ID: 14506
Configure the "read-only" argument to organizational standards., CC ID: 14498
Configure the signed image enforcement to organizational standards., CC ID: 14517
Configure the "storage-opt" argument to organizational standards., CC ID: 14658
Configure the "swarm services" to organizational standards., CC ID: 14516
Configure the "experimental" argument to organizational standards., CC ID: 14494
Configure the cluster role-based access control policies to organizational standards., CC ID: 14514
Configure the "secret management commands" to organizational standards., CC ID: 14512
Configure the "renewal_threshold_minutes" to organizational standards., CC ID: 14538
Configure the "docker swarm unlock-key" command to organizational standards., CC ID: 14490
Configure the "per_user_limit" to organizational standards., CC ID: 14523
Configure the "privileged" argument to organizational standards., CC ID: 14510
Configure the "update instructions" to organizational standards., CC ID: 14525
Configure the "swarm mode" to organizational standards., CC ID: 14508
Configure the "USER" directive to organizational standards., CC ID: 14507
Configure the "DOCKER_CONTENT_TRUST" to organizational standards., CC ID: 14488
Configure the "no-new-privileges" argument to organizational standards., CC ID: 14474
Configure the "seccomp-profile" argument to organizational standards., CC ID: 14503
Configure the "cpu-shares" argument to organizational standards., CC ID: 14489
Configure the "volume" argument to organizational standards., CC ID: 14533
Configure the "cgroup-parent" to organizational standards., CC ID: 14466
Configure the "live-restore" argument to organizational standards., CC ID: 14465
Configure the "userland-proxy" argument to organizational standards., CC ID: 14464
Configure the "user namespace support" to organizational standards., CC ID: 14462
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Ensure that authorization for Docker client commands is enabled Description: You should use native Docker authorization plugins or a third party authorization mechanism with the Docker daemon to manage access to Docker client commands. Rationale: Docker's out-of-the-box authorization model is curren… (2.11, The Center for Internet Security Docker Level 2 Docker Linux Benchmark, 1.2.0)
