Item Search

Name	Audit Name	Plugin	Category
2.2.11 (L1) Ensure 'Back up files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.34 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators, Window Manager\Window Manager Group'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.5.1 (L1) Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.6.1 (L1) Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.10.6 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is configured (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.4 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.4.6 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.12 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
18.6.4.4 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
18.6.7.4 (L1) Ensure 'Enable authentication rate limiter' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.6.7.7 (L1) Ensure 'Set authentication rate limiter delay (milliseconds)' is set to 'Enabled: 2000' or more	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.6.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.6.21.1 (L1) Ensure 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is set to 'Enabled: 3 = Prevent Wi-Fi when on Ethernet'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.7.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.7.6 (L1) Ensure 'Configure RPC listener settings: Authentication protocol to use for incoming RPC connections:' is set to 'Enabled: Negotiate' or higher	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.9.5.1 (NG) Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'	CIS Microsoft Windows Server 2025 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.5.7 (NG) Ensure 'Turn On Virtualization Based Security: Secure Launch Configuration' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 NG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.19.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.20.1.9 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.9.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.28.2 (L1) Ensure 'Do not display network selection UI' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
18.9.28.5 (L1) Ensure 'Turn off app notifications on the lock screen' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.9.39.2 (L1) Ensure 'Configure SAM change password RPC methods policy' is set to 'Enabled: Allow strong encryption change password RPC method only' (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
18.9.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.9.49.1 (L2) Ensure 'Turn off the advertising ID' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.4.1 (L2) Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	ACCESS CONTROL
18.10.43.12.1 (L2) Ensure 'Configure Watson events' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	SECURITY ASSESSMENT AND AUTHORIZATION
18.10.56.1 (L2) Ensure 'Turn off Push To Install service' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.8 (L2) Ensure 'Restrict clipboard transfer from server to client' is set to 'Enabled: Disable clipboard transfers from server to client'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	ACCESS CONTROL
18.10.89.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.93.4.3 (L1) Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search