Item Search

Name	Audit Name	Plugin	Category
1.2.4 Create 'access-list' for use with 'line vty'	CIS Cisco IOS XE 17.x v2.2.1 L1	Cisco	ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY
1.2.4 Create 'access-list' for use with 'line vty'	CIS Cisco IOS XE 16.x v2.2.0 L1	Cisco	ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY
1.2.5 Set 'access-class' for 'line vty'	CIS Cisco IOS 12 L1 v4.0.0	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
1.9.2 Configure SNMP Traps	CIS Cisco NX-OS v1.2.0 L1	Cisco	SYSTEM AND INFORMATION INTEGRITY
2.1.1.1.2 Set the 'ip domain-name'	CIS Cisco IOS XE 17.x v2.2.1 L1	Cisco	CONFIGURATION MANAGEMENT
2.1.1.1.2 Set the 'ip domain-name'	CIS Cisco IOS XE 16.x v2.2.0 L1	Cisco	CONFIGURATION MANAGEMENT
2.2.1 Set 'logging enable'	CIS Cisco IOS XE 17.x v2.2.1 L1	Cisco	AUDIT AND ACCOUNTABILITY
2.2.1 Set 'logging enable'	CIS Cisco IOS XE 16.x v2.2.0 L1	Cisco	AUDIT AND ACCOUNTABILITY
2.3.1.1 Set 'ntp authenticate'	CIS Cisco IOS XE 17.x v2.2.1 L1	Cisco	AUDIT AND ACCOUNTABILITY
4.10.31.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
AIX7-00-002057 - AIX audit logs must be rotated daily.	DISA STIG AIX 7.x v3r1	Unix	CONFIGURATION MANAGEMENT
BIND-9X-001500 - A BIND 9.x server implementation must be operating on a Current-Stable version as defined by ISC.	DISA BIND 9.x STIG v3r1	Unix	CONFIGURATION MANAGEMENT
CISC-ND-000110 - The Cisco router must be configured to automatically audit account disabling actions.	DISA Cisco IOS Router NDM STIG v3r6	Cisco	ACCESS CONTROL
CISC-ND-000980 - The Cisco router must be configured to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.	DISA Cisco IOS Router NDM STIG v3r6	Cisco	AUDIT AND ACCOUNTABILITY
CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC).	DISA Cisco IOS XR Router NDM STIG v3r5	Cisco	IDENTIFICATION AND AUTHENTICATION
CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions.	DISA Cisco IOS Router NDM STIG v3r6	Cisco	IDENTIFICATION AND AUTHENTICATION, MAINTENANCE
CISC-RT-000050 - The Cisco router must be configured to enable routing protocol authentication using FIPS 198-1 algorithms with keys not exceeding 180 days of lifetime.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
CISC-RT-000060 - The Cisco router must be configured to have all inactive interfaces disabled.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
CISC-RT-000190 - The Cisco router must be configured to have Internet Control Message Protocol (ICMP) redirect messages disabled on all external interfaces.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000230 - The Cisco router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
CISC-RT-000250 - The Cisco perimeter router must be configured to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
CISC-RT-000270 - The Cisco perimeter router must be configured to block inbound packets with source Bogon IP address prefixes.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000330 - The Cisco perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000398 - The Cisco perimeter router must be configured to drop IPv6 packets containing a Hop-by-Hop or Destination Option extension header with an undefined option type.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000450 - The Cisco router must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000480 - The Cisco BGP router must be configured to use a unique key for each autonomous system (AS) that it peers with.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
CISC-RT-000500 - The Cisco BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS).	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
CISC-RT-000530 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000560 - The Cisco BGP router must be configured to use the maximum prefixes feature to protect against route table flooding and prefix de-aggregation attacks.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000570 - The Cisco BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000660 - The Cisco PE router providing MPLS Layer 2 Virtual Private Network (L2VPN) services must be configured to authenticate targeted Label Distribution Protocol (LDP) sessions used to exchange virtual circuit (VC) information using a FIPS-approved message authentication code algorithm.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	IDENTIFICATION AND AUTHENTICATION
CISC-RT-000730 - The Cisco PE switch must be configured to block any traffic that is destined to the IP core infrastructure.	DISA Cisco NX OS Switch RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000730 - The Cisco PE switch must be configured to block any traffic that is destined to the IP core infrastructure.	DISA Cisco IOS XE Switch RTR STIG v3r3	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000750 - The Cisco PE router must be configured to drop all packets with any IP options.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000810 - The Cisco multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000860 - The Cisco multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join only multicast groups that have been approved by the organization.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000910 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to authenticate all received MSDP packets.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	IDENTIFICATION AND AUTHENTICATION
CISC-RT-000930 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups.	DISA Cisco IOS Router RTR STIG v3r4	Cisco	ACCESS CONTROL
DISA STIG VMware vSphere ESXi 6 Security Technical Implementation Guide Version 1 Release 5	DISA VMware vSphere ESXi 6.0 STIG v1r5 Unix	Unix
DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Local_Client_v1r6.audit from DISA McAfee VSEL 1.9/2.0 Local Client v1r6 STIG	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix
DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Managed_Client_v1r5.audit from DISA McAfee VSEL 1.9/2.0 Managed Client v1r5 STIG	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix
DISA_STIG_Microsoft_Project_2016_v1r1.audit for Microsoft Project 2016, from DISA STIG Microsoft Project 2016 v1r1	DISA STIG Microsoft Project 2016 v1r1	Windows
DISA_STIG_Server_2012_and_2012_R2_DC_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Domain Controller v3r7 STIG	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows
DISA_STIG_Server_2012_and_2012_R2_MS_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Member Server v3r7 STIG	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows
DISA_STIG_Splunk_Enterprise_7.x_for_Windows_REST_API_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIG	DISA STIG Splunk Enterprise 7.x for Windows v3r2 REST API	Splunk
DISA_STIG_Splunk_Enterprise_8.x_for_Linux_REST_API_v2r3.audit from DISA Splunk Enterprise 8.x for Linux v2r3 STIG	DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API	Splunk
DISA_STIG_VMware_vSphere_8.0_vCenter_Appliance_Photon_OS_4.0_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1	DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1	Unix
IIST-SI-000239 - The IIS 10.0 websites must use ports, protocols, and services according to Ports, Protocols, and Services Management (PPSM) guidelines.	DISA IIS 10.0 Site v2r14	Windows	CONFIGURATION MANAGEMENT
IISW-SI-000239 - The IIS 8.5 websites must utilize ports, protocols, and services according to PPSM guidelines.	DISA IIS 8.5 Site v2r9	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search