Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.3.4 Ensure 'Maximum lifetime for user ticket renewal' is set to '7 or fewer days' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

1.3.4 Ensure 'Maximum lifetime for user ticket renewal' is set to '7 or fewer days' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

1.3.5 Ensure 'Maximum tolerance for computer clock synchronization' is set to '5 or fewer minutes' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only)CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.9 (L1) Ensure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.11 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

2.3.10.11 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.11 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.11 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configuredCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

20.18 Ensure 'Directory data (outside the root DSE) of a non-public directory is configured' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.43 Ensure 'Organization created Active Directory Organizational Unit (OU) objects have proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.43 Ensure 'Organization created Active Directory Organizational Unit (OU) objects have proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

SYSTEM AND INFORMATION INTEGRITY

20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

SYSTEM AND INFORMATION INTEGRITY

ARDC-CL-000045 - Adobe Reader DC must block Flash Content.DISA STIG Adobe Acrobat Reader DC Classic Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ARDC-CN-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ARDC-CN-000045 - Adobe Reader DC must block Flash Content.DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

ARDC-CN-000080 - Adobe Reader DC must disable Acrobat Upsell.DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

WN19-DC-000040 - Windows Server 2019 Kerberos user ticket lifetime must be limited to 10 hours or less.DISA Microsoft Windows Server 2019 STIG v3r4Windows

IDENTIFICATION AND AUTHENTICATION

WN19-DC-000060 - Windows Server 2019 computer clock synchronization tolerance must be limited to five minutes or less.DISA Microsoft Windows Server 2019 STIG v3r4Windows

IDENTIFICATION AND AUTHENTICATION

WN19-DC-000220 - Windows Server 2019 Active Directory RID Manager$ object must be configured with proper audit settings.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

WN19-DC-000330 - Windows Server 2019 domain controllers must be configured to allow reset of machine account passwords.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN22-DC-000040 - Windows Server 2022 Kerberos user ticket lifetime must be limited to 10 hours or less.DISA Microsoft Windows Server 2022 STIG v2r4Windows

IDENTIFICATION AND AUTHENTICATION

WN22-DC-000170 - Windows Server 2022 Active Directory Group Policy objects must be configured with proper audit settings.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY