Item Search

Name	Audit Name	Plugin	Category
2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Remote Desktop Users'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.19 Ensure 'Deny log on locally' to include 'Guests'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.21 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.1.3 Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.2 Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.3 Configure 'Interactive logon: Message text for users attempting to log on'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.1 Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.7 Ensure 'Network access: Remotely accessible registry paths'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.11.9 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.3.16.1 Ensure 'System settings: Optional subsystems' is set to 'Defined: (blank)'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
2.3.17.2 Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.17.6 Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
5.13 Ensure 'Peer Networking Identity Manager (p2pimsvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.16 Ensure 'Remote Access Auto Connection Manager (RasAuto)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.29 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.32 Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.4.8 Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOnPublicNet	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOndomain	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - EnableRegistrars	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.7.1.1 Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	MEDIA PROTECTION
18.8.22.1.6 Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.47.5.1 Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.11.1.1 Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.12 Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
18.9.77.3.1 Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
18.9.97.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled' - Client	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
18.9.97.1.2 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - Client	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
AMLS-NM-000170 - The Arista Multilayer Switch must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.	DISA STIG Arista MLS DCS-7000 Series NDM v1r4	Arista	AUDIT AND ACCOUNTABILITY
AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa commands all start-stop	DISA STIG Arista MLS DCS-7000 Series NDM v1r4	Arista	CONFIGURATION MANAGEMENT
AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa exec default start-stop	DISA STIG Arista MLS DCS-7000 Series NDM v1r4	Arista	CONFIGURATION MANAGEMENT
AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - aaa login console group	DISA STIG Arista MLS DCS-7000 Series NDM v1r4	Arista	CONFIGURATION MANAGEMENT
AMLS-NM-000430 - The Arista Multilayer Switch must employ AAA service to centrally manage authentication settings - radius/tacacs-server host	DISA STIG Arista MLS DCS-7000 Series NDM v1r4	Arista	CONFIGURATION MANAGEMENT
AMLS-NM-000440 - The Arista Multilayer Switch must support organizational requirements to conduct backups of system-level information contained in the information system when changes occur or weekly, whichever is sooner.	DISA STIG Arista MLS DCS-7000 Series NDM v1r4	Arista	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING
MD4X-00-000400 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS	Unix	CONFIGURATION MANAGEMENT
MD4X-00-000500 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS	Unix	CONFIGURATION MANAGEMENT
MD4X-00-001100 - MongoDB must associate organization-defined types of security labels having organization-defined security label values with information in storage and transmission.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB	MongoDB	ACCESS CONTROL
MD4X-00-001200 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB	MongoDB	ACCESS CONTROL
MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
MD4X-00-001550 - MongoDB must limit the total number of concurrent connections to the database.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS	Unix	ACCESS CONTROL
MD4X-00-002000 - MongoDB must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to MongoDB.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB	MongoDB	CONFIGURATION MANAGEMENT
MD4X-00-006300 - When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed.	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS	Unix	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search