Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4.11 Set 'Enable computer and user accounts to be trusted for delegation' to 'No One'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.4.16 Set 'Act as part of the operating system' to 'No One'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.4.3 Ensure authentication required for single user mode - rescue.serviceCIS Red Hat 6 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.33 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.34 Ensure 'Profile single process' is set to 'Administrators'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.2.35 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

5.1.3.3 Ensure 'ALL' Is Revoked on 'Sensitive' TablesCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.7 Ensure 'AUDIT SYSTEM' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.12 Ensure 'CREATE ANY LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL

5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL

5.6 Ensure root login is restricted to system consoleCIS Oracle Linux 6 Server L1 v2.0.0Unix

CONFIGURATION MANAGEMENT

5.7 Ensure access to the su command is restricted - wheel group contains rootCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.1.13 Audit SUID executablesCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.1.13 Audit SUID executablesCIS Red Hat 6 Workstation L1 v3.0.0Unix

ACCESS CONTROL

6.1.14 Audit SGID executablesCIS Oracle Linux 6 Server L1 v2.0.0Unix

ACCESS CONTROL

6.1.14 Audit SGID executablesCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.2.6 Ensure root is the only UID 0 accountCIS Oracle Linux 6 Workstation L1 v2.0.0Unix

ACCESS CONTROL

6.3 Ensure that SharePoint user sessions are terminated upon user logoff and when the idle time limit is exceededCIS Microsoft SharePoint 2019 OS v1.0.0Windows

ACCESS CONTROL

18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

Access Credential Manager as a trusted callerMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Act as part of the operating systemMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Back up files and directoriesMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Create a pagefileMSCT Windows 10 1809 v1.0.0Windows

ACCESS CONTROL

Create a token objectMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

Create a token objectMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Create permanent shared objectsMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Enable computer and user accounts to be trusted for delegationMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Enable computer and user accounts to be trusted for delegationMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

Ensure system administrator actions (sudolog) are collectedTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Ensure system administrator actions (sudolog) are collected - auditctlTenable Cisco Firepower Management Center OS Best Practices AuditUnix

AUDIT AND ACCOUNTABILITY

Force shutdown from a remote systemMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Impersonate a client after authenticationMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Impersonate a client after authenticationMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Load and unload device driversMSCT Windows 10 1809 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Modify firmware environment valuesMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Perform volume maintenance tasksMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Profile single processMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Profile single processMSCT Windows 10 v2004 v1.0.0Windows

ACCESS CONTROL

Profile single processMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Restore files and directoriesMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

Restore files and directoriesMSCT Windows 10 v20H2 v1.0.0Windows

ACCESS CONTROL

Take ownership of files or other objectsMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL