diff --git a/benchmarks/services/3.27-disable-automounting.md b/benchmarks/services/3.27-disable-automounting.md new file mode 100644 index 0000000000000000000000000000000000000000..2677f8f2469aa9d8bf2b47ddf4edc05473ab9e0a --- /dev/null +++ b/benchmarks/services/3.27-disable-automounting.md @@ -0,0 +1,53 @@ +# 3.27 禁用自动挂载 + +## 安全等级 + +- Level 1 + +## 描述 + +`autofs` 允许自动安装外设,通常包括 `CD/DVD` 和 `USB` 驱动器。当启用自动挂载后,任何可以访问设备的用户,即使他们没有权限装载外设,也可以在服务器或主机上连接`USB`驱动器或光盘,并在系统中读取、改动他们的内容。协作工作的企业用户习惯于使用便携式存储设备,如果用户的管理者允许其在工作站上使用便携式存储和媒体设备,并且对工作站服务设备的访问权限是足够的,那么关闭自动挂载几乎没有什么价值。 + +## 修复建议 + +1. 如果有其他安装包依赖于`autofs`,使用如下命令: + +```bash +# systemctl --now disable autofs +``` + +2. 如果没有其他依赖于 `autofs` 的包,请使用以下命令删除该挂载选项: + +```bash +# dnf remove autofs -y +``` + +## 扫描检测 + +除非其他包依赖于`autofs`,否则我们不建议安装`autofs`。 + +运行以下命令来检测`autofs`是否被成功禁用或移除: + +```bash +# systemctl is-enabled autofs +``` + +1. 输出以下结果证明autofs已被禁用: + +```bash +disabled +``` + +验证结果不能为"enabled"。 + +2. 输出以下结果证明已成功移除autofs: + +```bash +Failed to get unit file state for autofs.service: No such file or directory +``` + +输出其他结果则说明autofs没有被禁用或移除。 + +## 参考 + +- cis: \ No newline at end of file diff --git a/docs/summary-of-rules.md b/docs/summary-of-rules.md index 95fda326eb9c236d09fe58ba5987d4a8655f469b..4f47dc31e78280e656b7d171ae1579ec77411392 100644 --- a/docs/summary-of-rules.md +++ b/docs/summary-of-rules.md 
@@ -105,6 +105,7 @@ | 3.24 | 3.24-disable-ntalk.md | 3.24 禁用ntalk | benchmarks/services | 1 | | 3.25 | 3.25-ensure-xinetd-is-not-installed.md | 3.25 确保xinetd被卸载 | benchmarks/services | 1 | | 3.26 | 3.26-disable-usb-storage.md | 3.26 禁用USB存储 | benchmarks/services | 1 | +| 3.27 | 3.27-disable-automounting.md | 3.27 禁用自动挂载 | benchmarks/services | 1 | | 4.1 | 4.1-ensure-message-of-the-day-is-configured-properly.md | 4.1 确保登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | | 4.2 | 4.2-ensure-local-login-warning-banner-is-configured-properly.md | 4.2 确保本地登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | | 4.3 | 4.3-ensure-remote-login-warning-banner-is-configured-properly.md | 4.3 确保远程登录提示消息的内容符合要求 | benchmarks/system-configurations | 1 | diff --git a/remediation-kits/services/3.27-disable-automounting.sh b/remediation-kits/services/3.27-disable-automounting.sh new file mode 100644 index 0000000000000000000000000000000000000000..d1adc9ce45d3a4badbc3c13e40dba90925f3d8d4 --- /dev/null +++ b/remediation-kits/services/3.27-disable-automounting.sh @@ -0,0 +1 @@ +(rpm -e --test autofs && dnf remove -y autofs) || systemctl --now disable autofs \ No newline at end of file diff --git a/scanners/services/3.27-disable-automounting.sh b/scanners/services/3.27-disable-automounting.sh new file mode 100644 index 0000000000000000000000000000000000000000..fd31be531afeb0dfd65439c3f52c8bfc005ea14e --- /dev/null +++ b/scanners/services/3.27-disable-automounting.sh @@ -0,0 +1,10 @@ +rpmAutofs=$(rpm -qa | grep ^autofs) +[[ -z $rpmAutofs ]] || sysAutofs=$(systemctl is-enabled autofs) + +if [[ -z $rpmAutofs ]]; then + echo 'pass' +elif [[ $sysAutofs == 'disabled' ]]; then + echo 'pass' +else + echo 'fail' +fi \ No newline at end of file
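Review bot: the `## 参考` section of the new `benchmarks/services/3.27-disable-automounting.md` is empty (`- cis:` with no value), so the rule cannot be traced back to the CIS control it implements; fill in the benchmark reference before merge. In `## 扫描检测`, the sentence "输出其他结果则说明autofs没有被禁用或移除" is too strict: `systemctl is-enabled` also prints `masked` for a masked unit, which is at least as disabled as `disabled`, so the text should list `masked` as an acceptable result as well (and the scanner should match it).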
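Review bot: in `remediation-kits/services/3.27-disable-automounting.sh`, the fallback branch runs when `autofs` is not installed at all, because `rpm -e --test autofs` fails for a missing package just as it does for a package with dependents; the script then executes `systemctl --now disable autofs`, which fails with "No such file or directory" and returns a non-zero exit code even though the host is already compliant. Guard with an installed check first, e.g. `rpm -q autofs >/dev/null 2>&1 || exit 0`, and consider `systemctl --now mask autofs` in the fallback so the unit cannot simply be re-enabled later. The file also lacks a trailing newline.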
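Review bot: in `scanners/services/3.27-disable-automounting.sh`, `rpm -qa | grep ^autofs` matches any package whose name starts with `autofs`, not only the `autofs` package itself; use `rpm -q autofs` (and test its exit status) so a differently named package does not trigger the `systemctl` branch. The pass condition `[[ $sysAutofs == 'disabled' ]]` also reports `fail` for a unit that is `masked`, which is a stronger form of disabled, and it reports `pass` for a unit that is `disabled` but still running, since `is-enabled` says nothing about the current state; check `systemctl is-active autofs` as well before printing `pass`. The file also lacks a trailing newline.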