Detections
Analytics

CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0

Audit Details

Name: CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0

Updated: 9/15/2023

Authority: CIS

Plugin: Windows

Revision: 1.12

Estimated Item Count: 276

File Details

Filename: CIS_Microsoft_Windows_Server_2016_STIG_v1.1.0_STIG_DC.audit

Size: 924 kB

MD5: 06d53102658a7743abe0bdc500941060
SHA256: 40738f7815c4f5d95455442d38e8f99010fc26006d64a3d018bf6f32b251059c

Audit Changelog

 
Revision 1.12

Sep 15, 2023

Functional Update
  • 20.46 Ensure 'Passwords are configured to expire'
Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.11

Jul 28, 2023

Functional Update
  • 20.35 Ensure 'Manually managed application account passwords are changed at least annually or when a system administrator with knowledge of the password leaves the organization'
Miscellaneous
  • Variables updated.
Revision 1.10

Apr 12, 2023

Functional Update
  • 1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'
  • 1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'
  • 1.1.4 Ensure 'Minimum password age' is set to '1 or more day(s)'
  • 1.1.5 Ensure 'Minimum password length' is set to '14 or more character(s)'
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.9

Mar 8, 2023

Functional Update
  • 18.9.30.4 Ensure 'Turn off shell protocol protected mode' is set to 'Disabled'
  • 18.9.63.3.9.2 Ensure 'Require secure RPC communication' is set to 'Enabled'
  • 18.9.7.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled'
  • 2.3.1.5 Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'
  • 2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'
Revision 1.8

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.7

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.6

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.5

Oct 6, 2022

Functional Update
  • 17.5.7 Ensure 'Audit Special Logon' is set to include 'Success'
  • 17.7.3 Ensure 'Audit Authentication Policy Change' is set to include 'Success'
  • 17.7.4 Ensure 'Audit Authorization Policy Change' is set to include 'Success'
Revision 1.4

Aug 29, 2022

Functional Update
  • 20.10 Ensure 'Active Directory SYSVOL directory must have the proper access control permissions' (STIG DC only)
Miscellaneous
  • References updated.
  • Variables updated.
Revision 1.3

Jul 21, 2022

Functional Update
  • 17.9.3 Ensure 'Audit Security State Change' is set to include 'Success'