| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-00-000004 - Users with administrative privilege must be documented. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000006 - Policy must require that system administrators (SAs) be trained for the operating systems used by systems under their control. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000008 - Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000011 - Windows 2012/2012 R2 manually managed application account passwords must be changed at least annually or when a system administrator with knowledge of the password leaves the organization. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000012 - Shared user accounts must not be permitted on the system. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-AC-000004 - The password history must be configured to 24 passwords remembered. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-AU-000017 - The system must be configured to audit Account Management - Security Group Management successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000045 - The system must be configured to audit Logon/Logoff - Logoff successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000089 - The system must be configured to audit Policy Change - Authorization Policy Change successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000112 - The system must be configured to audit System - System Integrity failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000205 - Permissions for the Security event log must prevent access by nonprivileged accounts. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000206 - Permissions for the System event log must prevent access by nonprivileged accounts. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-CC-000012 - The configuration of wireless devices using Windows Connect Now must be disabled | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000016 - Windows Update must be prevented from searching for point and print drivers. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000028 - Group Policy objects must be reprocessed even if they have not changed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000033 - Event Viewer Events.asp links must be turned off. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000048 - Copying of user input methods to the system account for sign-in must be prevented. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000075 - The use of biometrics must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000076 - The password reveal button must not be displayed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000090 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000091 - File Explorer shell protocol must run in protected mode. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000116 - The Windows Installer Always install with elevated privileges option must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000125 - The Windows Remote Management (WinRM) client must not use Digest authentication. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | MAINTENANCE |
| WN12-GE-000006 - Permissions for system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000012 - Nonadministrative user accounts or groups must only have print permissions on printer shares. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000018 - Non system-created file shares on a system must limit access to groups that require it. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-GE-000022 - Servers must have a host-based Intrusion Detection System. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-GE-000027 - File Transfer Protocol (FTP) servers must be configured to prevent access to the system drive. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-RG-000004 - Anonymous access to the registry must be restricted | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-SO-000004 - Local accounts with blank passwords must be restricted to prevent access from the network. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000007 - Auditing the Access of Global System Objects must be turned off. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000009 - Audit policy using subcategories must be enabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-SO-000012 - Outgoing secure channel traffic must be encrypted or signed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000019 - The Ctrl+Alt+Del security attention sequence for logons must be enabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000021 - The machine inactivity limit must be set to 15 minutes, locking the system with the screensaver. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-SO-000025 - Users must be warned in advance of their passwords expiring. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000029 - The Windows SMB client must be enabled to perform SMB packet signing when possible. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000032 - The Windows SMB server must be configured to always perform SMB packet signing. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000045 - The system must be configured to use Safe DLL Search Mode. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000046 - The system must be configured to have password protection take effect within a limited time frame when the screen saver becomes active. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000050 - Anonymous SID/Name translation must not be allowed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000051 - Anonymous enumeration of SAM accounts must not be allowed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000052 - Anonymous enumeration of shares must be restricted. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000059 - Network shares that can be accessed anonymously must not be allowed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000065 - The system must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000066 - The system must be configured to force users to log off when their allowed logon hours expire. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
