Detections
Analytics
CIS IIS 7.0 L2 v1.7.1
Warning! Audit Deprecated
This audit file has been deprecated and will be removed in a future update.
View Next VersionAudit Details
Name: CIS IIS 7.0 L2 v1.7.1
Updated: 4/24/2017
Authority: CIS
Plugin: Windows
Revision: 1.7
Estimated Item Count: 13
File Details
Filename: CIS_v1.7.1_MS_IIS_7_Level_2.audit
Size: 22.6 kB
MD5: be24ff991900485e3765ef8e4252674a
SHA256: ac9f08f36ff2e06b0c76c13c9eee8db018e9fb38c1e1b301dc9b4b47ff57691a
Audit Items
| Description | Categories |
|---|---|
| 1.1.7 Stop non-used Application Pools | CONFIGURATION MANAGEMENT |
| 1.2.4 Configure Forms Authentication to Use Cookies | CONFIGURATION MANAGEMENT |
| 1.2.6 Lock down Encryption Providers | |
| 1.2.9 Ensure credentials are not stored in configuration files | |
| 1.3.2 Turn Debug Off | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.3 Ensure Custom Error Messages are not Off | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.5 Configure Use Cookies Mode for Session State | CONFIGURATION MANAGEMENT |
| 1.3.6 Ensure Cookies Are Set With HttpOnly Attribute | ACCESS CONTROL |
| 1.4.1 Configure maxAllowedContentLength Request Filter | CONFIGURATION MANAGEMENT |
| 1.4.2 Configure maxURL Request Filter | CONFIGURATION MANAGEMENT |
| 1.4.3 Configure MaxQueryString Request Filter | CONFIGURATION MANAGEMENT |
| 1.4.4 Disallow non-ASCII Characters in URLs | CONFIGURATION MANAGEMENT |
| Windows IIS 7.0 is not installed |