Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) - Accept if provided by client or higherCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC and MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC and MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.3.10.7 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.7 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

ACCESS CONTROL

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

ACCESS CONTROL

2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

2.3.10.7 Ensure 'Network access: Remotely accessible registry paths'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configuredCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configuredCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL

2.3.10.10 Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

2.3.10.10 Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member ServerWindows

ACCESS CONTROL

2.3.10.10 Configure 'Network access: Remotely accessible registry paths' is configuredCIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

2.3.11.4 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.4 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

18.9.51.1.1 Ensure 'Configure Windows NTP Client' is set to 'Enabled: NT5DS' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

18.9.51.1.1 Ensure 'Configure Windows NTP Client' is set to 'Enabled: NT5DS' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

AUDIT AND ACCOUNTABILITY

20.10 Ensure 'Active Directory SYSVOL directory must have the proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.10 Ensure 'Active Directory SYSVOL directory must have the proper access control permissions' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.21 Ensure 'DoD Root Certificate Authority (CA) certificates' are installed in the 'Trusted Root Store'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.23 Ensure 'Domain controllers have a PKI server certificate' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

Choose drive encryption method and cipher strengthMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP.DISA F5 BIG-IP Access Policy Manager STIG v2r4F5

IDENTIFICATION AND AUTHENTICATION

WA00520 A22 - The web server must not be configured as a proxy server.DISA STIG Apache Server 2.2 Unix v1r11 MiddlewareUnix
WN19-MS-000050 - Windows Server 2019 must limit the caching of logon credentials to four or less on domain-joined member servers.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN22-MS-000050 - Windows Server 2022 must limit the caching of logon credentials to four or less on domain-joined member servers.DISA Microsoft Windows Server 2022 STIG v2r4Windows

CONFIGURATION MANAGEMENT