Item Search

Name	Audit Name	Plugin	Category
2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'Shared Memory protocol is enabled'	CIS SQL Server 2008 R2 DB OS L1 v1.7.0	Windows	SYSTEM AND INFORMATION INTEGRITY
2.12 Ensure SQL Server is configured to use non-standard ports	CIS SQL Server 2008 R2 DB OS L1 v1.7.0	Windows	SYSTEM AND INFORMATION INTEGRITY
3.4 Ensure the SQL Server's MSSQL Service Account is Not an Administrator	CIS SQL Server 2008 R2 DB OS L1 v1.7.0	Windows	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	ACCESS CONTROL
4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	ACCESS CONTROL
5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'	CIS SQL Server 2008 R2 DB OS L1 v1.7.0	Windows	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2022 Database L1 AWS RDS v1.1.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
12.19 Network location of production and development databases - 'Separate'	CIS v1.1.0 Oracle 11g OS L1	Unix
12.19 Network location of production and development databases - 'Separate'	CIS v1.1.0 Oracle 11g OS Windows Level 1	Windows
Buffer overflow protection should be configured 'LimitRequestBody'	TNS IBM HTTP Server Best Practice	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
CGI-BIN directory should be disabled. 'AddModule mod_env.c'	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
CGI-BIN directory should be disabled. 'AddModule mod_env.c'	TNS IBM HTTP Server Best Practice	Windows	CONFIGURATION MANAGEMENT
CGI-BIN directory should be disabled. 'LoadModule cgi_module'	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
CGI-BIN directory should be disabled. 'LoadModule env_module'	TNS IBM HTTP Server Best Practice	Windows	CONFIGURATION MANAGEMENT
CGI-BIN directory should be disabled. 'ScriptAlias'	TNS IBM HTTP Server Best Practice	Windows	CONFIGURATION MANAGEMENT
Configuration files should be secured against unauthorized access.	TNS IBM HTTP Server Best Practice	Windows
Configuration files should be secured against unauthorized access.	TNS IBM HTTP Server Best Practice	Unix
Directory access permissions should be restricted.	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
File permissions in the root document should only be accessible by administrator	TNS IBM HTTP Server Best Practice	Unix
HTTP TRACE method should be disabled. 'RewriteLog'	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
HTTP TRACE method should be disabled. 'RewriteLogLevel'	TNS IBM HTTP Server Best Practice	Windows	AUDIT AND ACCOUNTABILITY
HTTP TRACE method should be disabled. 'TraceEnable'	TNS IBM HTTP Server Best Practice	Windows	CONFIGURATION MANAGEMENT
Keep Alive Timeout setting value should be appropriately configured.	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Latest Patches/Fixes should be installed	TNS IBM HTTP Server Best Practice	Windows	SYSTEM AND INFORMATION INTEGRITY
Latest Patches/Fixes should be installed	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND INFORMATION INTEGRITY
Limit HTTP methods allowed by the Web Server.	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined'	TNS IBM HTTP Server Best Practice	Windows	AUDIT AND ACCOUNTABILITY
Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log'	TNS IBM HTTP Server Best Practice	Windows	AUDIT AND ACCOUNTABILITY
Logging Directives should be restricted to authorized users. - 'LogFormat'	TNS IBM HTTP Server Best Practice	Unix	AUDIT AND ACCOUNTABILITY
Logging Directives should be restricted to authorized users. - 'LogLevel notice'	TNS IBM HTTP Server Best Practice	Unix	AUDIT AND ACCOUNTABILITY
Logs containing auditing information should be secured at the directory level.	TNS IBM HTTP Server Best Practice	Unix	AUDIT AND ACCOUNTABILITY
MaxSpareServers parameter value should be appropriately configured.	TNS IBM HTTP Server Best Practice	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
MinSpareServers parameter value should be appropriately configured.	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Non-Essential modules should be disabled. 'mod_info'	TNS IBM HTTP Server Best Practice	Windows	CONFIGURATION MANAGEMENT
Non-Essential modules should be disabled. 'mod_info'	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
Non-Essential modules should be disabled. 'mod_status'	TNS IBM HTTP Server Best Practice	Unix	CONFIGURATION MANAGEMENT
Server version information parameters should be turned off - 'ServerSignature Off'	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Server version information parameters should be turned off - 'ServerTokens Prod'	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
SQL2-00-023500 - SQL Server job/batch queues must be reviewed regularly to detect unauthorized SQL Server job submissions.	DISA STIG SQL Server 2012 Database Audit v1r20	MS_SQLDB	CONFIGURATION MANAGEMENT
SQL4-00-037500 - SQL Server must generate Trace or Audit records when successful logons or connections occur - Event ID 14	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037500 - SQL Server must generate Trace or Audit records when successful logons or connections occur - Event ID 16	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037500 - SQL Server must generate Trace or Audit records when successful logons or connections occur - Event ID 17	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037500 - SQL Server must generate Trace or Audit records when successful logons or connections occur.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur - Event ID 17	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur - LOGOUT_GROUP	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
SQL4-00-037900 - SQL Server must generate Trace or Audit records when logoffs or disconnections occur.	DISA STIG SQL Server 2014 Instance DB Audit v2r4	MS_SQLDB	AUDIT AND ACCOUNTABILITY
StartServers parameter value should be appropriately configured.	TNS IBM HTTP Server Best Practice	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
Timeout value parameter value should be appropriately configured	TNS IBM HTTP Server Best Practice	Unix	ACCESS CONTROL

Detections

Analytics

Item Search