Item Search

NameAudit NamePluginCategory
2.2.5 Ensure 'OS_ROLES' Is Set to 'FALSE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

IDENTIFICATION AND AUTHENTICATION

2.2.7 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

IDENTIFICATION AND AUTHENTICATION

2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.2.36 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.3 Ensure password reuse is limitedCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure password reuse is limited - password-authCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.3.3 Ensure password reuse is limited - system-authCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.1 Ensure password expiration is 365 days or less - login.defsCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defsCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.2 Ensure minimum days between password changes is 7 or more - usersCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.1.3 Ensure password expiration warning days is 7 or more - login.defsCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profileCIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

6.2.1 Ensure password fields are not emptyCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.18 Ensure no duplicate user names existCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.2.19 Ensure no duplicate group names existCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Allow log on locallyMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server v2004 DC v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Allow log on through Remote Desktop ServicesMSCT Windows Server 2019 DC v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 1903 MS v1.19.9Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Deny access to this computer from the networkMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Deny log on as a serviceMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Deny log on locallyMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Deny log on locallyMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL

Deny log on through Remote Desktop ServicesMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Domain member: Maximum machine account password ageMSCT Windows 10 1903 v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Ensure minimum days between password changes is 7 or moreTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Generate security auditsMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Modify an object labelMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Network security: Allow Local System to use computer identity for NTLMMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: Force logoff when logon hours expireMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Network security: Force logoff when logon hours expireMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Network security: Force logoff when logon hours expireMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL