Item Search

Name	Audit Name	Plugin	Category
1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.10 (L1) Ensure 'Back up files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.17 (L1) Ensure 'Create symbolic links' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.32 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.45 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.1.3 (L1) Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.1.5 (L1) Configure 'Accounts: Rename guest account'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.3.5.1 (L1) Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.6.3 (L1) Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.1 (L1) Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.11 (L1) Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
3.013 - Caching of logon credentials must be limited.	DISA Windows Vista STIG v6r41	Windows	CONFIGURATION MANAGEMENT
9.1.6 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.1 (L1) Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.4 (L1) Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
17.1.3 (L1) Ensure 'Audit Kerberos Service Ticket Operations' is set to 'Success and Failure' (DC Only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.3.7 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.5.4.2 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.6.2 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.7.1 (L1) Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	MEDIA PROTECTION
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.1 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.19.2 (L1) Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.27.3.2 (L1) Ensure 'Setup: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.4.1 (L1) Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.4.2 (L1) Ensure 'System: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.47.15 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.65.3.3.2 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.9.65.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.67.2 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.108.1.1 (L1) Ensure 'Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.1.2 (L1) Ensure 'Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.2.2 (L1) Ensure 'Configure Automatic Updates: Scheduled install day' is set to '0 - Every day'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search