| 17.2.2 Ensure 'Audit Distribution Group Management' is set to include 'Success and Failure' (DC only) - Success (DC only) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 17.5.5 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.1 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' - Success and Failure | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.3 Ensure 'Audit Other Object Access Events' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 (L1) Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.6.4 Ensure 'Audit Removable Storage' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.5 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.5 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| CIS_DC_SERVER_2012_R2_Level_1_v3.0.0.audit from CIS Microsoft Windows Server 2012 R2 Benchmark | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | |
| CIS_Microsoft_Windows_10_Enterprise_v4.0.0_L2.audit from CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_11_Enterprise_v4.0.0_L1.audit from CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0 | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | |
| CIS_MS_Windows_Server_2008_R2_DC_Level_1_v3.3.1.audit from CIS MS Windows Server 2008 R2 Benchmark v3.3.1 | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | |
| CIS_MS_Windows_Server_2008_R2_MS_Level_1_v3.3.1.audit from CIS MS Windows Server 2008 R2 Benchmark v3.3.1 | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | |
| DB2X-00-007300 - DB2 must utilize centralized management of the content captured in audit records generated by all components of DB2. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DB2X-00-007300 - DB2 must utilize centralized management of the content captured in audit records generated by all components of DB2. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DISA_Microsoft_Windows_Server_2019_STIG_v3r4.audit from DISA Microsoft Windows Server 2019 STIG v3r4 | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | |
| DISA_STIG_MS_Windows_Vista_V6R41_STIG.audit | DISA Windows Vista STIG v6r41 | Windows | |
| MSCT_Windows_10_21H1_v1.0.0.audit from MSCT Windows 10 Version 21H1 Security Baseline | MSCT Windows 10 v21H1 v1.0.0 | Windows | |
| MSCT_Windows_10_1507_v1.0.0.audit from MSCT Windows 10 Version 1507 Security Baseline | MSCT Windows 10 v1507 v1.0.0 | Windows | |
| MSCT_Windows_11_24H2_v1.0.0.audit from MSCT Windows 11 Version 24H2 Security Baseline | MSCT Windows 11 v24H2 v1.0.0 | Windows | |
| SQL4-00-014000 - SQL Server and/or the operating system must protect its audit configuration from unauthorized modification. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL4-00-014100 - SQL Server and the operating system must protect SQL Server audit features from unauthorized removal. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000031-DC - The system must be configured to audit DS Access - Directory Service Access successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000035-DC - The system must be configured to audit DS Access - Directory Service Changes successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
