CIS Microsoft Windows Server 2016 DC L1 v1.4.0

Audit Details

Name: CIS Microsoft Windows Server 2016 DC L1 v1.4.0

Updated: 4/12/2023

Authority: CIS

Plugin: Windows

Revision: 1.5

Estimated Item Count: 307

File Details

Filename: CIS_DC_SERVER_2016_Level_1_v1.4.0.audit

Size: 854 kB

MD5: 483d739eb866c48518efc73b562a2b6c
SHA256: 7744a9acbc2903e02648fff63f26ddbe48bb815dbcacebcc9e5c02f5189cf60c

Audit Changelog

 
Revision 1.5

Apr 12, 2023

Functional Update
  • 1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'
  • 1.1.2 Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'
  • 1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'
  • 1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.4

Mar 21, 2023

Functional Update
  • 18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Enabled' - Disabled
  • 18.9.47.9.2 Ensure 'Turn off real-time protection' is set to 'Disabled' - Disabled
  • 2.3.5.2 Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only)
Revision 1.3

Mar 8, 2023

Functional Update
  • 18.9.31.4 Ensure 'Turn off shell protocol protected mode' is set to 'Disabled' - Disabled
  • 18.9.65.3.9.2 Ensure 'Require secure RPC communication' is set to 'Enabled' - Enabled
  • 2.3.1.4 Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'
  • 2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'
Revision 1.2

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.1

Jan 4, 2023

Miscellaneous
  • Metadata updated.
Revision 1.0

Dec 21, 2022

Miscellaneous
  • Metadata updated.