Item Search

NameAudit NamePluginCategory
1.2 Ensure the Server Is Not a Multi-Use SystemCIS Apache HTTP Server 2.4 v2.2.0 L1Unix

CONFIGURATION MANAGEMENT

2.1.2 Ensure HTTP WebDAV module is not installedCIS NGINX Benchmark v2.1.0 L2 LoadbalancerUnix

CONFIGURATION MANAGEMENT

2.1.2 Ensure HTTP WebDAV module is not installedCIS NGINX Benchmark v2.1.0 L2 ProxyUnix

CONFIGURATION MANAGEMENT

3.1 Ensure 'deployment method retail' is setCIS IIS 7 L1 v1.8.0Windows

CONFIGURATION MANAGEMENT

3.6 Ensure 'httpcookie' mode is configured for session stateCIS IIS 8.0 v1.5.1 Level 2Windows

CONFIGURATION MANAGEMENT

3.6 Ensure 'httpcookie' mode is configured for session state - ApplicationsCIS IIS 7 L2 v1.8.0Windows

CONFIGURATION MANAGEMENT

3.6 Ensure 'httpcookie' mode is configured for session state - DefaultCIS IIS 7 L2 v1.8.0Windows

CONFIGURATION MANAGEMENT

4.7 Ensure Unlisted File Extensions are not allowed - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.7 Ensure Unlisted File Extensions are not allowed - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

5.3 Ensure 'ETW Logging' is enabled - Default ETWCIS IIS 8.0 v1.5.1 Level 1Windows

AUDIT AND ACCOUNTABILITY

5.3 Ensure 'ETW Logging' is enabled - Default W3CCIS IIS 8.0 v1.5.1 Level 1Windows

AUDIT AND ACCOUNTABILITY

5.3 Ensure 'ETW Logging' is enabled - Sites logFormat W3C with ETW targetCIS IIS 8.0 v1.5.1 Level 1Windows

AUDIT AND ACCOUNTABILITY

5.14 Ensure Browser Framing Is RestrictedCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

5.14 Ensure Browser Framing Is RestrictedCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

CONFIGURATION MANAGEMENT

6.3 Ensure that SharePoint user sessions are terminated upon user logoff and when the idle time limit is exceededCIS Microsoft SharePoint 2016 OS v1.1.0Windows

ACCESS CONTROL

AS24-U1-000240 - The Apache web server must not perform user management for hosted applications.DISA STIG Apache Server 2.4 Unix Server v3r2Unix

CONFIGURATION MANAGEMENT

AS24-U1-000240 - The Apache web server must not perform user management for hosted applications.DISA STIG Apache Server 2.4 Unix Server v3r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

AS24-U1-000300 - The Apache web server must have resource mappings set to disable the serving of certain file types.DISA STIG Apache Server 2.4 Unix Server v3r2Unix

CONFIGURATION MANAGEMENT

AS24-U1-000310 - The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Unix Server v3r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

AS24-U1-000310 - The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Unix Server v3r2Unix

CONFIGURATION MANAGEMENT

AS24-U1-000590 - The Apache web server must be tuned to handle the operational requirements of the hosted application.DISA STIG Apache Server 2.4 Unix Server v3r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000590 - The Apache web server must be tuned to handle the operational requirements of the hosted application.DISA STIG Apache Server 2.4 Unix Server v3r2 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000960 - The Apache web server software must be a vendor-supported version.DISA STIG Apache Server 2.4 Unix Server v3r2Unix

CONFIGURATION MANAGEMENT

AS24-U2-000310 - The Apache web server must allow mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Unix Site v2r6Unix

CONFIGURATION MANAGEMENT

AS24-U2-000310 - The Apache web server must allow mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Unix Site v2r6 MiddlewareUnix

CONFIGURATION MANAGEMENT

AS24-U2-000590 - The Apache web server must be tuned to handle the operational requirements of the hosted application.DISA STIG Apache Server 2.4 Unix Site v2r6 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U2-000590 - The Apache web server must be tuned to handle the operational requirements of the hosted application.DISA STIG Apache Server 2.4 Unix Site v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000300 - The Apache web server must have resource mappings set to disable the serving of certain file types.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT

AS24-W1-000310 - The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT

AS24-W1-000310 - The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Windows Server v3r3Windows

CONFIGURATION MANAGEMENT

AS24-W1-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.DISA STIG Apache Server 2.4 Windows Server v3r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000960 - The Apache web server software must be a vendor-supported version.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT

AS24-W1-000960 - The Apache web server software must be a vendor-supported version.DISA STIG Apache Server 2.4 Windows Server v3r3Windows

CONFIGURATION MANAGEMENT

AS24-W2-000300 - The Apache web server must have resource mappings set to disable the serving of certain file types.DISA STIG Apache Server 2.4 Windows Site v2r2Windows

CONFIGURATION MANAGEMENT

AS24-W2-000310 - The Apache web server must allow the mappings to unused and vulnerable scripts to be removed.DISA STIG Apache Server 2.4 Windows Site v2r2Windows

CONFIGURATION MANAGEMENT

AS24-W2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files.DISA STIG Apache Server 2.4 Windows Site v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W2-000830 - The Apache web server must be tuned to handle the operational requirements of the hosted application.DISA STIG Apache Server 2.4 Windows Site v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DISA_STIG_Server_2012_and_2012_R2_MS_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Member Server v3r7 STIGDISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows
VCEM-67-000015 - ESX Agent Manager must be configured with memory leak protection.DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4Unix

CONFIGURATION MANAGEMENT

VCFL-67-000019 - vSphere Client directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCLU-70-000017 - Lookup Service directory tree must have permissions in an out-of-the-box state - out-of-the box state.DISA STIG VMware vSphere 7.0 Lookup Service v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCPF-67-000012 - Performance Charts must have mappings set for Java servlet pages.DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3Unix

CONFIGURATION MANAGEMENT

VCPF-67-000016 - Performance Charts directory tree must have permissions in an 'out-of-the box' state - out-of-the box state.DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCPF-70-000017 - Performance Charts directory tree must have permissions in an out-of-the-box state.DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6084 IIS6 - The FavorUTF8 registry key must be set properly.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND INFORMATION INTEGRITY

WG040 A22 - Public web server resources must not be shared with private assets.DISA STIG Apache Server 2.2 Unix v1r11Unix
WG242 A22 - Log file data must contain required data elements.DISA STIG Apache Site 2.2 Unix v1r11Unix

AUDIT AND ACCOUNTABILITY

WG242 W22 - Log file data must contain required data elements.DISA STIG Apache Site 2.2 Windows v1r13Windows

AUDIT AND ACCOUNTABILITY

WG330 IIS6 - A public web server must limit e-mail to outbound only.DISA STIG IIS 6.0 Server v6r16Windows
WG490 IIS6 - Java software installed on the web server must be limited to class files and the JAVA virtual machine.DISA STIG IIS 6.0 Site Checklist v6r16Windows

CONFIGURATION MANAGEMENT