4.7 Ensure VM Disks for Critical VMs Are Encrypted With Customer-Supplied Encryption Keys (CSEK) | CIS Google Cloud Platform v3.0.0 L2 | GCP | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
6.3.7 Ensure that the 'contained database authentication' database flag for Cloud SQL on the SQL Server instance is not set to 'on' | CIS Google Cloud Platform v3.0.0 L1 | GCP | ACCESS CONTROL, MEDIA PROTECTION |
18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
18.9.59.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.65.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
18.9.65.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
DB2X-00-007300 - DB2 must utilize centralized management of the content captured in audit records generated by all components of DB2. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
Deny log on through Remote Desktop Services | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 11 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server 2022 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
Deny log on through Remote Desktop Services | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
DKER-EE-003230 - An appropriate Docker Engine - Enterprise log driver plugin must be configured to collect audit events from Universal Control Plane (UCP) and Docker Trusted Registry (DTR). | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
SonicWALL - Security Services - IDP - Signature Timestamp | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
SQL4-00-032800 - SQL Server must utilize centralized management of the content captured in audit records generated by all components of the DBMS. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
VCWN-65-000002 - The vCenter Server for Windows must not automatically refresh client sessions. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |