2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
2.2.15 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.15 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.15 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.16 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.17 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.17 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.17 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL |
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL |
3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL |
3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator | CIS SQL Server 2016 Database L1 OS v1.4.0 | Windows | ACCESS CONTROL |
3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator | CIS SQL Server 2017 Database L1 OS v1.3.0 | Windows | ACCESS CONTROL |
3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator | CIS SQL Server 2022 Database L1 OS v1.1.0 | Windows | ACCESS CONTROL |
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL |
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL |
3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL |
3.13 Ensure membership in admin roles in MSDB database is limited | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
3.042 - Outgoing secure channel traffic is not signed when possible. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
3.113 - Outgoing secure channel traffic is not encrypted or signed. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
6.2.3 Review Role Members | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
17.2.1 Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
18.9.25.8 (L1) Ensure 'Post-authentication actions: Actions' is set to 'Enabled: Reset the password and logoff the managed account' or higher | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
18.9.25.8 (L1) Ensure 'Post-authentication actions: Actions' is set to 'Enabled: Reset the password and logoff the managed account' or higher | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
WDNS-CM-000004 - Forwarders on an authoritative Windows 2012 DNS Server, if enabled for external resolution, must only forward to either an internal, non-AD-integrated DNS server or to the DoD Enterprise Recursive Services (ERS). | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
WN10-SO-000035 - Outgoing secure channel traffic must be encrypted or signed. | DISA Microsoft Windows 10 STIG v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN11-SO-000035 - Outgoing secure channel traffic must be encrypted or signed. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN12-SO-000012 - Outgoing secure channel traffic must be encrypted or signed. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN12-SO-000012 - Outgoing secure channel traffic must be encrypted or signed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN16-SO-000080 - The setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN16-SO-000090 - The setting Domain member: Digitally encrypt secure channel data (when possible) must be configured to enabled. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |