Item Search

NameAudit NamePluginCategory
5.2.2.5 (L2) Ensure 'Phishing-resistant MFA strength' is required for AdministratorsCIS Microsoft 365 Foundations v5.0.0 L2 E5microsoft_azure

IDENTIFICATION AND AUTHENTICATION

17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.2.6 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.3.3 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.3.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' is set to 'Enabled: 5 or fewer seconds'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

18.8.36.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.11.1.7 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.7 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Windows 7 Workstation Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.7 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT

18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.25.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.27.1.1 (L1) Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.9.27.4.1 (L1) Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.9.31.3 (L1) Ensure 'Turn off heap termination on corruption' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.9.58.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.58.2 (L1) Ensure 'Prevent the usage of OneDrive for file storage on Windows 8.1' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.65.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.65.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.102.3 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.102.6 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.10.9.2.4 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Allow data recovery agent' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.2.4 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Allow data recovery agent' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.2.5 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Recovery Password' is set to 'Enabled: Require 48-digit recovery password'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

19.7.28.1 (L1) Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, MEDIA PROTECTION

49.16 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS Control 3 (3.4(a)) Deploy Automated Operating System Patch Management ToolsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS Control 3 (3.4(b)) Deploy Automated Operating System Patch Management ToolsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS Control 3 (3.4(c)) Deploy Automated Operating System Patch Management ToolsCAS Implementation Group 1 Audit FileUnix

SYSTEM AND INFORMATION INTEGRITY

CIS_Cisco_ASA_9.x_Firewall_v1.1.0_L1.audit from CIS Cisco ASA 9.x Firewall Benchmark v1.1.0CIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco
CIS_Cisco_ASA_9.x_Firewall_v1.1.0_L2.audit from CIS Cisco ASA 9.x Firewall Benchmark v1.1.0CIS Cisco ASA 9.x Firewall L2 v1.1.0Cisco
CIS_Cisco_IOS_XE_17.x_v2.2.0_L1.audit from CIS Cisco IOS XE 17.x Benchmark v2.2.0CIS Cisco IOS XE 17.x v2.2.0 L1Cisco
CIS_Cisco_IOS_XE_17.x_v2.2.0_L2.audit from CIS Cisco IOS XE 17.x Benchmark v2.2.0CIS Cisco IOS XE 17.x v2.2.0 L2Cisco
CIS_v4.1.0_Cisco_Firewall_ASA_9_Level_1.audit for Cisco ASA 9 from CIS Cisco Firewall Benchmark v4.1.0CIS Cisco Firewall ASA 9 L1 v4.1.0Cisco
JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2/140-3 validated algorithms for authentication to a cryptographic module.DISA Juniper EX Series Network Device Management v2r2Juniper

IDENTIFICATION AND AUTHENTICATION