Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	CONFIGURATION MANAGEMENT
2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabled	CIS Palo Alto Firewall 9 v1.1.0 L1	Palo_Alto	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator	CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS	MS_SQLDB	ACCESS CONTROL
18.9.25.1 (L1) Ensure 'Configure password backup directory' is set to 'Enabled: Active Directory' or 'Enabled: Azure Active Directory'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	CONTINGENCY PLANNING
18.9.25.1 (L1) Ensure 'Configure password backup directory' is set to 'Enabled: Active Directory' or 'Enabled: Azure Active Directory'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	CONTINGENCY PLANNING
49.12 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
49.12 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
49.15 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DATABASE_OWNERSHIP_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DATABASE_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DATABASE_ROLE_MEMBER_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DB_OBJECT_OWNERSHIP_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DB_OBJECT_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 42	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 43	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 82	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 83	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 84	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 85	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 86	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 87	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 88	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 89	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 91	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 102	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 103	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 104	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 105	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 108	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 109	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 110	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 111	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 162	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 170	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 171	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 173	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SCHEMA_OBJECT_ACCESS_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_OBJECT_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_PERMISSION_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_ROLE_MEMBER_CHANGE_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
WDNS-CM-000003 - The Windows 2012 DNS Server must prohibit recursion on authoritative name servers for which forwarders have not been configured for external queries.	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows	CONFIGURATION MANAGEMENT
WDNS-SC-000026 - The Windows 2012 DNS Server must restrict individuals from using it for launching Denial of Service (DoS) attacks against other information systems.	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-CC-000139 - Windows 2012 R2 must include command line data in process creation events.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search