Item Search

Name	Audit Name	Plugin	Category
2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
2.2.17 (L1) Ensure 'Create symbolic links' is set to 'Administrators' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.20 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.34 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.35 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.36 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)	CIS Windows Server 2012 DC L2 v3.0.0	Windows	ACCESS CONTROL
2.2.39 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.47 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.5.5 (L1) Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.6.1 (L1) Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.3.10.4 (L2) Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.11.4 (L1) Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.1 (L1) Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.6 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
18.5.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.20.1.8 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.12 (L2) Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.81.3 (L2) Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.89.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
Act as part of the operating system	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Always install with elevated privileges	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Audit Authentication Policy Change	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit Logoff	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit Other Account Management Events	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit: Shut down system immediately if unable to log security audits	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Backup files and directories	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Debug programs	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Default Protections for Popular Software - Firefox	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - FoxitReader	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - mIRC	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Safari	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - ThunderbirdPluginContainer	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Winamp	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - WindowsMediaPlayer	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Winzip	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - PowerPoint	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Devices: Allowed to format and eject removable media	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	MEDIA PROTECTION

Detections

Analytics

Item Search