Item Search

Name	Audit Name	Plugin	Category
2.1.4 Ensure 'ALLOWED_WEAK_CERT_ALGORITHMS' Is NOT Set.	CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Linux Host OS	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.1.4 Ensure 'ALLOWED_WEAK_CERT_ALGORITHMS' Is NOT Set.	CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Windows Server Host OS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.6 Ensure 'SQLNET.ENCRYPTION_CLIENT Is Set To 'REQUIRED'	CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Linux Host OS	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.3 (L1) Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.3 (L1) Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.9 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.10 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.10 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.11 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.11 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.16 Require Client-Side Certificates (X.509)	CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database	MySQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.11 Ensure sshd KexAlgorithms is configured	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.2.15 Ensure only strong Key Exchange algorithms are used	CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.11.36.4.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.11.55.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
4.11.55.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.1.6 Ensure sshd Ciphers are configured	CIS Debian Linux 12 v1.1.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.1.12 Ensure sshd KexAlgorithms is configured	CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.3.1 Ensure SSH is installed	CIS Amazon Linux 2 STIG v2.0.0 STIG	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
5.3.2 Ensure SSH is running	CIS Amazon Linux 2 STIG v2.0.0 STIG	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Ensure FTP requests are encrypted - Control Channel Default	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Ensure FTP requests are encrypted - Data Channel Default	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used	CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.4 Ensure Network Encryption is Configured and Enabled	CIS Microsoft SQL Server 2019 v1.5.0 L2 Database Engine	MS_SQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.6 Ensure TLS 1.2 is Enabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.7 Ensure NULL Cipher Suites is Disabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 40/128	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 56/128	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 64/128	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.11 Ensure AES 256/256 Cipher Suite is Enabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
9.1 Ensure Replication Traffic is Secured	CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database	MySQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.1 Ensure All Group Replication Traffic is Secured	CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database	MySQLDB	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.3.4 Ensure that 'Secure transfer required' is set to 'Enabled'	CIS Microsoft Azure Foundations v4.0.0 L1	microsoft_azure	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
10.11 Force SSL for all applications	CIS Apache Tomcat 10.1 v1.1.0 L2	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.25.3 Ensure 'Enable password encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.2.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.89.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
49.26 (L1) Ensure 'Network Security Minimum Session Security For NTLMSSP Based Servers' is set to 'Require NTLM and 128-bit encryption'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search