This topic describes all baseline checks.

Category Baseline check Description Number of check items
Weak passwords Weak Password-MongoDB Weak Password baseline(support version 2. X) Checks weak passwords for MongoDB users. MongoDB 2.x supports this baseline check. 1
Weak password - SQL Server DB login weak password baseline Checks weak passwords that are used to log on to Microsoft SQL Server databases. 1
Weak Password-MongoDB Weak Password baseline Checks weak passwords for MongoDB users. MongoDB 3.x and 4.x support this baseline check. 1
Weak password - Mysql DB login weak password baseline Checks weak passwords that are used to log on to MySQL databases. This baseline check provides more samples to detect weak passwords. 1
Weak password - Mysql DB login weak password baseline(Windows version) Checks weak passwords that are used to log on to MySQL databases. This baseline check is suitable only for Windows operating systems. 1
Weak password - PostgreSQL DB login weak password baseline Checks weak passwords that are used to log on to PostgreSQL databases. 1
Weak password - Redis DB login weak password baseline Checks weak passwords that are used to log on to Redis databases. 1
Weak password - rsync login weak password baseline Checks weak passwords that are used to log on to rsync servers. 1
Weak password - svn login weak password baseline Checks weak passwords that are used to log on to Subversion servers. 1
Weak password - Linux system login weak password baseline Checks weak passwords that are used to log on to Linux operating systems. This baseline check provides more samples to detect weak passwords. 1
Weak password - Windows system login weak password baseline Checks weak passwords that are used to log on to Windows Server operating systems. This baseline check provides more samples to detect weak passwords. 1
Weak password - Apache Tomcat Console weak password baseline Checks weak passwords that are used to log on to the Apache Tomcat console. Apache Tomcat 7, 8, and 9 support this baseline check. 1
Weak password - Ftp login weak password baseline Checks anonymous logons and weak passwords that are used to log on to FTP servers. 1
High-risk exploitation High risk exploit - CouchDB unauthorized access high exploit risk Checks Apache CouchDB vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit - Docker unauthorized access high vulnerability risk Checks Docker vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit - Elasticsearch unauthorized access high exploit vulnerability risk Checks Elasticsearch vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit - Hadoop unauthorized access high exploit vulnerability risk Checks Apache Hadoop vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit - Jenkins unauthorized access high exploit vulnerability risk Checks Jenkins vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit - Memcached unauthorized access high exploit vulnerability risk Checks memcached vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit- Apache Tomcat AJP File Read/Inclusion Vulnerability Checks Apache JServ Protocol (AJP) vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
High risk exploit - ZooKeeper unauthorized access high exploit vulnerability risk Checks Apache ZooKeeper vulnerabilities that can be exploited by attackers to implement unauthorized access. 1
Container security Alibaba Cloud Standard -DockerSecurity Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Docker. 13
Alibaba Cloud Standard-Kubernetes-Master security baseline check Checks the baseline against the Alibaba Cloud standard of best practices for Kubernetes Master. 17
Alibaba Cloud Standard-Kubernetes-Node security baseline check Checks the baseline against the Alibaba Cloud standard of best practices for Kubernetes Node. 7
Best security practices Alibaba Cloud Linux/Aliyun Linux 2 Benchmark Checks the baseline against the Alibaba Cloud standard of best practices for Alibaba Cloud Linux 2. 14
Alibaba Cloud Standard - Memcached Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for memcached. 4
Alibaba Cloud Standard - MongoDB version 3.x Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for MongoDB. MongoDB 3.x supports this baseline check. 11
Alibaba Cloud Standard - Mysql Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for MySQL. MySQL 5.1 to MySQL 5.7 support this baseline check. 12
Alibaba Cloud Standard - Oracle 11g Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Oracle Database 11g. 14
Alibaba Cloud Standard - Redis Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Redis. 6
Alibaba Cloud Standard-SQL Server Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for SQL Server 2012. 16
Alibaba Cloud Standard - Debian Linux 8 Security Baseline Checks the baseline against the Alibaba Cloud standard of best practices for Debian Linux 8. 15
Alibaba Cloud Standard - CentOS Linux 6 Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for CentOS Linux 6. 15
Alibaba Cloud Standard - CentOS Linux 7/8 Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for CentOS Linux 7 and 8. 15
Alibaba Cloud Standard - Red Hat Enterprise Linux 6 Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Red Hat Enterprise Linux 6. 15
Alibaba Cloud Standard - Red Hat Enterprise Linux 7 Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Red Hat Enterprise Linux 7. 15
Alibaba Cloud Standard - Ubuntu Security Baseline Checks the baseline against the Alibaba Cloud standard of best practices for Ubuntu 14, 16, and 18. 15
Alibaba Cloud Standard - Apache Security Baseline Check Checks the baseline of middleware against the Center for Internet Security (CIS) and Alibaba Cloud standards. 16
Alibaba Cloud Standard - Nginx Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for NGINX. 9
Alibaba Cloud Standard -WebSphere Application Server Security Baseline Checks the baseline against the Alibaba Cloud standard of best practices for WebSphere Application Server. 12
Alibaba Cloud Standard - MongoDB version 3.x Security Baseline Check (not used) Checks the baseline against the Alibaba Cloud standard of best practices for MongoDB. 11
Alibaba Cloud Standard -WebLogic Server 12c Security Baseline Checks the baseline against the Alibaba Cloud standard of best practices for WebLogic Server 12c. 11
Alibaba Cloud Standard - Windows Server 2008 R2 Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Windows Server 2008 R2. 12
Alibaba Cloud Standard - Windows 2012 R2 Security Baseline Checks the baseline against the Alibaba Cloud standard of best practices for Windows Server 2012 R2. 12
Alibaba Cloud Standard - Windows 2016/2019 R2 Security Baseline Checks the baseline against the Alibaba Cloud standard of best practices for Windows Server 2016 R2 and 2019 R2. 11
Alibaba Cloud Standard - IIS 8 Security Baseline Check Checks the baseline against the Alibaba Cloud standard of best practices for Internet Information Services (IIS) 8. 8
Classified protection compliance Alibaba Cloud Linux/Aliyun Linux 2 CIS Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 179
CIS CentOS Linux 6 LTS Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 197
CIS CentOS Linux 7 LTS Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 198
CIS CentOS Linux 8 LTS Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 171
CIS Debian Linux 8 Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 156
CIS Ubuntu Linux 14 LTS Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 178
CIS Ubuntu Linux 16/18 LTS Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 177
CIS Microsoft Windows Server 2008 R2 Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 273
CIS Microsoft Windows Server 2012 R2 Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 274
CIS Microsoft Windows Server 2016/2019 R2 Benchmark Checks the baseline against the CIS standard. This standard is suitable for enterprise users who have professional security skills. This baseline check provides a variety of check rules, which allows you to reinforce the security of your system based on business scenarios and requirements. 274
Alibaba Cloud Linux/Aliyun Linux 2 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Alibaba Cloud Linux 2. This checks whether your asset environments comply with the classified protection requirements. 15
CentOS Linux 6 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for CentOS Linux 6. This checks whether your asset environments comply with the classified protection requirements. 15
CentOS Linux 7 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for CentOS Linux 7. This checks whether your asset environments comply with the classified protection requirements. 15
Debian Linux 8 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Debian Linux 8. This checks whether your asset environments comply with the classified protection requirements. 15
Redhat Linux 7 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Red Hat Enterprise Linux 7. This checks whether your asset environments comply with the classified protection requirements. 15
SUSE Linux 11 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for SUSE Linux Enterprise Server 11. This checks whether your asset environments comply with the classified protection requirements. 13
SUSE Linux 12 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for SUSE Linux Enterprise Server 12. This checks whether your asset environments comply with the classified protection requirements. 15
Ubuntu 14 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Ubuntu 14. This checks whether your asset environments comply with the classified protection requirements. 15
Linux Ubuntu 16/18 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Ubuntu 16 and 18. This checks whether your asset environments comply with the classified protection requirements. 15
Windows 2008 R2 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Windows Server 2008 R2. This checks whether your asset environments comply with the classified protection requirements. 12
Windows 2012 R2 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Windows Server 2012 R2. This checks whether your asset environments comply with the classified protection requirements. 12
Windows 2016/2019 R2 Baseline for China classified protection of cybersecurity-Level II Checks the baseline against the standard of MLPS 2.0 level 2 for Windows Server 2016 R2 and 2019 R2. This checks whether your asset environments comply with the classified protection requirements. 12
Alibaba Cloud Linux/Aliyun Linux 2 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for Alibaba Cloud Linux 2. This checks whether your asset environments comply with the classified protection requirements. 19
BCLinux 7 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for BC-Linux 7. This checks whether your asset environments comply with the classified protection requirements. 19
BCLinux 6 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for BC-Linux 6. This checks whether your asset environments comply with the classified protection requirements. 19
CentOS Linux 6 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for CentOS Linux 6. This checks whether your asset environments comply with the classified protection requirements. 19
CentOS Linux 7 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for CentOS Linux 7. This checks whether your asset environments comply with the classified protection requirements. 19
China's Level 3 Protection of Cybersecurity - CentOS Linux 8 Compliance Baseline Check Checks the baseline against the standard of MLPS 2.0 level 3 for CentOS Linux 8. This checks whether your asset environments comply with the classified protection requirements. 21
Debian Linux 8 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for Debian Linux 8. This checks whether your asset environments comply with the classified protection requirements. 19
China's Level 3 Protection of Cybersecurity - Red Hat Enterprise Linux 6 Compliance Baseline Check Checks the baseline against the standard of MLPS 2.0 level 3 for Red Hat Enterprise Linux 6. This checks whether your asset environments comply with the classified protection requirements. 19
China's Level 3 Protection of Cybersecurity - Red Hat Enterprise Linux 7 Compliance Baseline Check Checks the baseline against the standard of MLPS 2.0 level 3 for Red Hat Enterprise Linux 7. This checks whether your asset environments comply with the classified protection requirements. 19
SUSE Linux 10 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for SUSE Linux Enterprise Server 10. This checks whether your asset environments comply with the classified protection requirements. 19
SUSE Linux 11 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for SUSE Linux Enterprise Server 11. This checks whether your asset environments comply with the classified protection requirements. 19
SUSE Linux 12 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for SUSE Linux Enterprise Server 12. This checks whether your asset environments comply with the classified protection requirements. 19
Ubuntu 14 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for Ubuntu 14. This checks whether your asset environments comply with the classified protection requirements. 19
Waiting for Level 3-Ubuntu 16/18 compliance regulations inspection Checks the baseline against the standard of MLPS 2.0 level 3 for Ubuntu 16 and 18. This checks whether your asset environments comply with the classified protection requirements. 19
China's Level 3 Protection of Cybersecurity - Windows Server 2008 R2 Compliance Baseline Check Checks the baseline against the standard of MLPS 2.0 level 3 for Windows Server 2008 R2. This checks whether your asset environments comply with the classified protection requirements. 19
Windows 2012 R2 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for Windows Server 2012 R2. This checks whether your asset environments comply with the classified protection requirements. 19
Windows 2016/2019 R2 Baseline for China classified protection of cybersecurity-Level III Checks the baseline against the standard of MLPS 2.0 level 3 for Windows Server 2016 R2 and 2019 R2. This checks whether your asset environments comply with the classified protection requirements. 19