Item Search

Name	Audit Name	Plugin	Category
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.7.4 (L1) Configure 'Interactive logon: Message title for users attempting to log on'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.8 (L1) Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.3 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.6 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.3 (L1) Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.4.7 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.4 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.7 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
Access this computer from the network	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Act as part of the operating system	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Allow active scripting	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Allow fallback to SSL 3.0 (Internet Explorer)	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Allow log on locally	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Allow only approved domains to use ActiveX controls without prompt - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Allow only approved domains to use the TDC ActiveX control - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Allow scripting of Internet Explorer WebBrowser controls - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Allow unencrypted traffic - Service - AllowUnencryptedTraffic	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Allow updates to status bar via script - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Allow VBScript to run in Internet Explorer - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Audit client does not support encryption - AuditClientDoesNotSupportEncryption	MSCT Windows Server 2025 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit client does not support signing - AuditClientDoesNotSupportSigning	MSCT Windows Server 2025 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit Directory Service Access	MSCT Windows Server 2025 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit File Share	MSCT Windows Server 2025 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit insecure guest logon - LanmanWorkstation AuditInsecureGuestLogon	MSCT Windows Server 2025 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit MPSSVC Rule-Level Policy Change	MSCT Windows Server 2025 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Check for signatures on downloaded programs	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Configure Attack Surface Reduction rules - d3e037e1-3eb8-44c8-a917-57927947596d	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
Configure hash algorithms for certificate logon - KDC PKINITSHA512	MSCT Windows Server 2025 DC v1.0.0	Windows
Configure Windows Defender SmartScreen - ShellSmartScreenLevel	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Create a token object	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Create permanent shared objects	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
Don't run antimalware programs against ActiveX controls - Trusted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Download signed ActiveX controls - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Enable authentication rate limiter - EnableAuthRateLimiter	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Include local path when user is uploading files to a server - Internet Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Include local path when user is uploading files to a server - Restricted Sites Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Initialize and script ActiveX controls not marked as safe - Intranet Zone	MSCT Windows Server 2025 DC v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WDNS-AU-000005 - The Windows 2012 DNS Server log must be enabled.	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows	AUDIT AND ACCOUNTABILITY
WN16-AC-000090 - Windows Server 2016 reversible password encryption must be disabled.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	IDENTIFICATION AND AUTHENTICATION
WN19-00-000210 - Windows Server 2019 passwords must be configured to expire.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	IDENTIFICATION AND AUTHENTICATION
WN19-CC-000410 - Windows Server 2019 must prevent Indexing of encrypted files.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN22-AC-000090 - Windows Server 2022 reversible password encryption must be disabled.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	IDENTIFICATION AND AUTHENTICATION
WN22-SO-000190 - Windows Server 2022 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search