Automated Testing The IRS Office of Safeguards utilizes Tenable’s industry standard compliance and vulnerability assessment tool, Nessus, to evaluate the security of systems (e.g., Windows, *NIX, Cisco) that store, process, transmit or receive Federal Tax Information. We use Nessus to conduct configuration compliance checks using Center for Internet Security (CIS) benchmarks supplemented with some IRS-specific requirements. This process has been developed to provide agencies with enhanced information regarding the security controls in place to protect FTI. The following NESSUS audit files may be used to evaluate IRS Publication 1075 compliance on systems that store, process, transmit and/or receive Federal Tax Information and are subject to IRC 6103 (p)(4) Safeguarding requirements. Preparing for Nessus Compliance Scanning PDF The following NESSUS audit files may be used to evaluate IRS Publication 1075 compliance on systems that store, process, transmit and/or receive Federal Tax Information and are subject to IRC 6103 (p)(4) Safeguarding requirements Audit File Version Release Date Safeguards AIX 7.1 Audit File 1.2 9/30/2019 Safeguards Apache 2.4 Audit File 1.1 9/30/2019 Safeguards Apache Tomcat 7 Audit File 1.0 9/30/2019 Safeguards Apache Tomcat 8 Audit File 1.0 9/30/2019 Safeguards CentOS 5 Audit File 1.0 9/30/2019 Safeguards CentOS 6 Audit File 2.1 9/30/2019 Safeguards CentOS 7 Audit File 2.2 9/30/2019 Safeguards Cisco ASA Audit File 1.1 9/30/2019 Safeguards Cisco IOS 15 Audit File 4.0 9/30/2019 Safeguards ESXi5.5 Audit File 1.0 9/30/2019 Safeguards HP-UX11iv3 Audit File 1.0 9/30/2019 Safeguards IBM DB2 9.X Database Audit File 1.0 9/30/2019 Safeguards IBM DB2 9.5 LinuxUnix Audit File 1.2 9/30/2019 Safeguards IBM DB2 9.7 LinuxUnix Audit File 1.2 9/30/2019 Safeguards IBM DB2 10.1 LinuxUnix Audit File 1.1 9/30/2019 Safeguards IBM DB2 10.5 LinuxUnix Audit File 1.1 9/30/2019 Safeguards IBM DB2 10.x Database Audit File 1.0 9/30/2019 Safeguards IBM DB2 10.x Windows Audit File 1.0 9/30/2019 Safeguards IIS 7.0 Audit File 1.1 9/30/2019 Safeguards IIS 7.5 Audit File 1.1 9/30/2019 Safeguards IIS 8.0 Audit File 1.2 9/30/2019 Safeguards IIS 8.5 Audit File 1.2 9/30/2019 Safeguards IIS 10 Audit File 1.1 9/30/2019 Safeguards Mac OSX 10.11 Audit File 1.0 9/30/2019 Safeguards Mac OSX 10.12 Audit File 1.0 9/30/2019 Safeguards Mac OSX 10.13 Audit File 1.0 9/30/2019 Safeguards MySQL 5.6 Audit File 1.0 9/30/2019 Safeguards MySQL 5.7 Audit File 1.0 9/30/2019 Safeguards Oracle 11gR2 Audit File 1.1 9/30/2019 Safeguards Oracle 12c Database Audit File 1.2 9/30/2019 Safeguards Oracle Linux 5 Audit File 1.0 9/30/2019 Safeguards Oracle Linux 6 Audit File 2.1 9/30/2019 Safeguards Oracle Linux 7 Audit File 2.2 9/30/2019 Safeguards Oracle Solaris 10 Audit File 1.0 9/30/2019 Safeguards Oracle Solaris 11 Audit File 1.0 9/30/2019 Safeguards Oracle Solaris 11.1 Audit File 1.0 9/30/2019 Safeguards Palo Alto Audit File 1.0 9/30/2019 Safeguards Palo Alto 8 1.0 9/30/2019 Safeguards RHEL5 Audit File 1.1 9/30/2019 Safeguards RHEL6 Audit File 2.1 9/30/2019 Safeguards RHEL7 Audit File 2.2 9/30/2019 Safeguards SQL Server 2008R2 1.1 9/30/2019 Safeguards SQL Server 2012 1.1 9/30/2019 Safeguards SQL Server 2014 1.1 9/30/2019 Safeguards SQL Server 2016 Audit File 1.0 9/30/2019 Safeguards SQL Server 2017 1.0 9/30/2019 Safeguards SUSE11 Audit File 1.1 9/30/2019 Safeguards SUSE12 Audit File 1.1 9/30/2019 Safeguards VMware ESXi6.0 Audit File 1.0 9/30/2019 Safeguards VMware ESXi6.5 Audit File 1.0 9/30/2019 Safeguards VMware ESXi6.7 Audit File 1.0 9/30/2019 Safeguards Windows 10 Audit File 1.2 9/30/2019 Safeguards Windows 2008 Audit File 1.4 9/30/2019 Safeguards Windows 2008 R2 Audit File 1.5 9/30/2019 Safeguards Windows 2012 Audit File 1.3 9/30/2019 Safeguards Windows 2012 R2 Audit File 1.1 9/30/2019 Safeguards Windows 2016 Audit File 1.0 9/30/2019 Safeguards Windows 2019 Audit File 1.1 9/30/2019 Safeguards Windows 7 Audit File 1.3 9/30/2019 Safeguards Windows 8 Audit File 1.3 9/30/2019 Safeguards Windows 8.1 Audit File 1.4 9/30/2019
