Item Search

Name	Audit Name	Plugin	Category
2.3.1.3 (L1) Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.5.1 (L1) Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
2.3.7.2 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
2.3.9.1 (L1) Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.10.4 (L2) Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.11.2 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.11.9 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.17.6 (L1) Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.1 (L1) Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.8 (L1) Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.4 (L1) Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.10 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.26.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.46.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.37.1.1 (L2) Ensure 'Turn off Windows Location Provider' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
19.7.42.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'	CIS Windows Server 2012 DC L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
Access Credential Manager as a trusted caller	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Access this computer from the network	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Adjust memory quotas for a process	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Allow Microsoft accounts to be optional	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Audit Computer Account Management	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit Logoff	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Audit Logon	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Create a pagefile	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Create a token object	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Default Protections for Popular Software - 7z	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - 7zGUI	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - LyncCommunicator	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Pidgin	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Thunderbird	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Winamp	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - WindowsMediaPlayer	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Excel	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Outlook	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Picture Manager	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Publisher	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Word	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	CONFIGURATION MANAGEMENT
Deny log on as a batch job	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL

Detections

Analytics

Item Search