Item Search

NameAudit NamePluginCategory
3.6 Configure Network Time Protocol (NTP) - OPTIONS=-u ntp:ntp -p /var/run/ntpd.pidCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

3.6 Configure Network Time Protocol (NTP) - server aaa.bbb.ccc.dddCIS Red Hat Enterprise Linux 5 L1 v2.2.1Unix

AUDIT AND ACCOUNTABILITY

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure Windows local groups are not SQL LoginsCIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.10 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

9.1.1 Verify System File PermissionsCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

ACCESS CONTROL

18.6.7.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.6.7.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.8.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection'CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 MS NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.8.37.1 Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

18.9.28.4 (L1) Ensure 'Enumerate local users on domain-joined computers' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.9.28.4 (L1) Ensure 'Enumerate local users on domain-joined computers' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.9.35.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

18.9.35.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.35.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

CONFIGURATION MANAGEMENT

18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.77.10.2 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.5.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

18.10.6.1 (L1) Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.77.3 (L1) Ensure 'Automatically send memory dumps for OS-generated error reports' is set to 'Disabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.80.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL

18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL

18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

ACCESS CONTROL

ESXI-80-000204 - The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

ESXI-80-000207 - The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

ESXI-80-000210 - The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

Network security: LAN Manager authentication levelMSCT Windows Server 1903 DC v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server v1909 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server 2019 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 10 v1507 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 10 v2004 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 10 1903 v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 10 v21H1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows Server 2019 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT MSCT Windows Server 2022 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication levelMSCT Windows 11 v22H2 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication level - LmCompatibilityLevelMSCT Windows Server 2025 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Network security: LAN Manager authentication level - LmCompatibilityLevelMSCT Windows Server 2025 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION