Item Search

Name	Audit Name	Plugin	Category
1.16 WN10-00-000070	CIS Microsoft Windows 10 STIG v1.0.0 CAT I	Windows	ACCESS CONTROL
2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.38 (L1) Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.4.2 Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
2.3.7.7 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2022 v5.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2025 v2.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.7.9 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2025 v2.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higher	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
5.11 Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.25 Ensure 'SNMP Service (SNMP)' is set to 'Disabled' or 'Not Installed'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.32 Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
9.3.1 Set SSH Protocol to 2	CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0	Unix	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.4.6 Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.4.8 Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.4.11 Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOndomain	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnPublicNet	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - EnableRspndr	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableWPDRegistrar	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND INFORMATION INTEGRITY
18.8.22.1.6 Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.9 Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.11 Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' - Enabled	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.8.47.5.1 Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.39.2 Ensure 'Turn off location' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.9.59.3.2.1 Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.59.3.3.3 Ensure 'Do not allow LPT port redirection' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.98.1 Ensure 'Allow Remote Shell Access' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
Enable IKE Version 1/2 - rekey	Tenable Cisco Viptela SD-WAN - vEdge	Cisco_Viptela	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 1909 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v21H1 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server v2004 MS v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2019 DC v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v22H2 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 11 v22H2 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior - ScRemoveOption	MSCT Windows Server 2025 DC v1.0.0	Windows	ACCESS CONTROL
JUEX-L2-000040 - The Juniper EX switch must be configured to manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks.	DISA Juniper EX Series Layer 2 Switch v2r4	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
WN11-00-000070 - Only accounts responsible for the administration of a system must have Administrator rights on the system.	DISA Microsoft Windows 11 STIG v2r7	Windows	ACCESS CONTROL

Detections

Analytics

Item Search