8/18/22, 4:27 PM Operating System Hardening Checklists | UT Austin ISO

HOME (/) QUICK LINKS  (/) POLICIES  (/POLICIES)

RESEARCH (/CONSENSUS) SUPPORT TOPICS  (/EDUCATION-OUTREACH)

O P E R AT I N G S Y S T E M H A R D E N I N G
REPORT VIOLATION (/VIOLATION) CONTACT (/CONTACT)
CHECKLISTS

 SEARCH

The hardening checklists are based on the comprehensive checklists produced by The Center for Internet
Security (CIS) (http://cisecurity.org/en-us/?route=default), when possible. The Information Security Office
(http://security.utexas.edu/) has distilled the CIS lists down to the most critical steps for your systems, with a
particular focus on configuration issues that are unique to the computing environment at The University of
Texas at Austin.

HOW TO USE THE CHECKLISTS

Print the checklist and check off each item you complete to ensure that you cover the critical steps for
securing your server. The Information Security Office uses this checklist during risk assessments as part of
the process to verify that servers are secure.

HOW TO READ THE CHECKLISTS

Step - The step number in the procedure. If there is a UT Note for this step, the note number corresponds to
the step number.
Check (√) - This is for administrators to check off when she/he completes this portion.
To Do - Basic instructions on what to do to harden the respective system
CIS - Reference number in the The Center for Internet Security (CIS) (http://cisecurity.org/en-us/?
https://security.utexas.edu/os-hardening-checklist 1/3
8/18/22, 4:27 PM Operating System Hardening Checklists | UT Austin ISO

route=default) benchmarks. The CIS documents outline in much greater detail how to complete each step.
UT Note - The notes at the bottom of the pages provide additional detail about the step for the university
computing environment.
Cat I - For systems that include category I data
(http://www.utexas.edu/its/policies/opsmanual/dataclassification.php), required steps are denoted with
HOME (/) QUICK LINKS  (/) POLICIES  (/POLICIES)
the ! symbol. All steps are recommended.
Cat II/III - For systems that include category II or III data
(http://www.utexas.edu/its/policies/opsmanual/dataclassification.php), all steps are recommended, and
some are required (denoted
R E S E A Rby
C Hthe !).
(/CONSENSUS) SUPPORT TOPICS  (/EDUCATION-OUTREACH)
Min Std - This column links to the specific requirements for the university in the Minimum Security
Standards for Systems (http://www.utexas.edu/its/policies/opsmanual/secstd.php) document.
REPORT VIOLATION (/VIOLATION) CONTACT (/CONTACT)
CHECKLISTS

 SEARCH
Server Operating Systems

Windows Server 2012 R2 Hardening Checklist (/os- Red Hat Enterprise Linux 7 Hardening Checklist
hardening-checklist/windows-r2) (/os-hardening-checklist/linux-7)

  
(https://www.facebook.com/utaustiniso)
(https://twitter.com/UT_ISO)
(https://www.instagram.com/ut_iso/)

https://security.utexas.edu/os-hardening-checklist 2/3
8/18/22, 4:27 PM Operating System Hardening Checklists | UT Austin ISO

I N F O R M AT I O N S E C U R I T Y O F F I C E
Copyright © 2006-21, Information Security Office. All rights reserved.
HOME (/) QUICK LINKS  (/) POLICIES  (/POLICIES)
Privacy Policy (https://www.utexas.edu/web-privacy-policy)  |  Accessibility Policy (https://www.utexas.edu/web-accessibility-policy)

RESEARCH (/CONSENSUS) SUPPORT TOPICS  (/EDUCATION-OUTREACH)

(https://www.utexas.edu/)

REPORT VIOLATION (/VIOLATION) CONTACT (/CONTACT)

 SEARCH

https://security.utexas.edu/os-hardening-checklist 3/3