Item Search

Name	Audit Name	Plugin	Category
2.2.3 (L1) Ensure 'Act as part of the operating system' is set to 'No One'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.5 (L1) Ensure 'Allow log on locally' is set to 'Administrators, Users'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.10 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.11 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.12 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.14 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.15 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.17 (L1) Ensure 'Deny log on as a batch job' to include 'Guests'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.18 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.18 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.22 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.24 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.25 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators, Window Manager\Window Manager Group'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.28 (L2) Ensure 'Log on as a batch job' is set to 'Administrators'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.30 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.31 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.32 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only)	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.32 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.32 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.32 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.34 (L1) Ensure 'Profile single process' is set to 'Administrators'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.35 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.36 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.36 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.40 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.41 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.44 (L1) Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.45 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.46 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.46 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.48 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.48 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.4.1 (L2) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
7.2.8 (L2) Ensure external sharing is restricted by security group	CIS Microsoft 365 Foundations v5.0.0 L2 E5	microsoft_azure	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
49.5 (L2) Ensure 'Devices: Prevent users from installing printer drivers when connecting to shared printers' is set to 'Enable'	CIS Microsoft Intune for Windows 10 v4.0.0 L2	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.6 (L1) Ensure 'Change System Time' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.8 (L1) Ensure 'Create Page File' is set to 'Administrators'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.10 (L1) Ensure 'Create Symbolic Links' is set to 'Administrators'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.13 (L1) Ensure 'Deny Access From Network' to include 'Guests, Local account'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.16 (L1) Ensure 'Deny Log On As Service Job' to include 'Guests'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.18 (L1) Ensure 'Impersonate Client' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.20 (L1) Ensure 'Impersonate Client' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.20 (L1) Ensure 'Load Unload Device Drivers' is set to 'Administrators'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.24 (L1) Ensure 'Modify Firmware Environment' is set to 'Administrators'	CIS Microsoft Intune for Windows 10 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.31 (L1) Ensure 'Remote Shutdown' is set to 'Administrators'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
89.34 (L1) Ensure 'Shut Down The System' is set to 'Administrators, Users'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search