Item Search

NameAudit NamePluginCategory
2.2 Ensure access to sensitive site features is restricted to authenticated principals onlyCIS IIS 8.0 v1.5.1 Level 1Windows

ACCESS CONTROL

2.2.29 Configure 'Log on as a service'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.3 Ensure 'forms authentication' require SSLCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Ensure 'forms authentication' is set to use cookies - ApplicationCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

2.4 Ensure 'forms authentication' is set to use cookies - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.2 Ensure 'debug' is turned off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - DefaultCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

3.5 Ensure ASP.NET stack tracing is not enabledCIS IIS 8.0 v1.5.1 Level 2Windows

CONFIGURATION MANAGEMENT

3.5 Ensure ASP.NET stack tracing is not enabled - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.6 Set 'Allow basic authentication' to 'False'CIS Microsoft Exchange Server 2013 CAS v1.1.0Windows

IDENTIFICATION AND AUTHENTICATION

3.6 Set 'Allow basic authentication' to 'False'CIS Microsoft Exchange Server 2016 CAS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured - DefaultCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured - DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.10 Ensure global .NET trust level is configured - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, MEDIA PROTECTION

4.6 Ensure 'HTTP Trace Method' is disabledCIS IIS 8.0 v1.5.1 Level 1Windows

CONFIGURATION MANAGEMENT

4.6 Ensure 'HTTP Trace Method' is disabled - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

4.8 Ensure Handler is not granted Write and Script/ExecuteCIS IIS 8.0 v1.5.1 Level 1Windows

ACCESS CONTROL

4.8 Ensure Handler is not granted Write and Script/Execute - ApplicationsCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

4.10 Ensure 'notListedCgisAllowed' is set to falseCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND SERVICES ACQUISITION

5.2.7 Ensure pwd_algorithm is configuredCIS IBM AIX 7 v1.0.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.1 Ensure FTP requests are encrypted - Control Channel DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure FTP requests are encrypted - Data Channel DefaultCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.1 Ensure FTP requests are encrypted - Data Channel SitesCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure FTP Logon attempt restrictions is enabledCIS IIS 8.0 v1.5.1 Level 1Windows
6.2 Ensure FTP Logon attempt restrictions is enabledCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND INFORMATION INTEGRITY

7.1 Ensure HSTS Header is set - ServerCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure HSTS Header is set - SitesCIS IIS 10 v1.2.1 Level 2Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.1 Ensure that the MaxZoneParts setting for Web Part limits is set to 100.CIS Microsoft SharePoint 2016 OS v1.1.0Windows

CONFIGURATION MANAGEMENT

7.1 Ensure that the MaxZoneParts setting for Web Parts is configuredCIS Microsoft SharePoint 2019 OS v1.0.0Windows

CONFIGURATION MANAGEMENT

7.2 Ensure SSLv2 is DisabledCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.5 Ensure TLS 1.1 is DisabledCIS IIS 10 v1.2.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

7.6 Ensure TLS 1.2 is EnabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.7 Ensure NULL Cipher Suites is DisabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure RC4 Cipher Suites is Disabled - RC4 40/128CIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure RC4 Cipher Suites is Disabled - RC4 56/128CIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure RC4 Cipher Suites is Disabled - RC4 64/128CIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.9 Ensure RC4 Cipher Suites is Disabled - RC4 128/128CIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.11 Ensure AES 256/256 Cipher Suite is EnabledCIS IIS 10 v1.2.1 Level 1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.11 Ensure Triple DES Cipher Suite is configuredCIS IIS 8.0 v1.5.1 Level 1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

17.4.2 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.18.7 (L2) Ensure 'Enable Windows Package Manager command line interfaces' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

IIST-SI-000252 - The maximum number of requests an application pool can process for each IIS 10.0 website must be explicitly set.DISA IIS 10.0 Site v2r11Windows

CONFIGURATION MANAGEMENT

IIST-SI-000262 - Interactive scripts on the IIS 10.0 web server must have restrictive access controls.DISA IIS 10.0 Site v2r11Windows

CONFIGURATION MANAGEMENT

IISW-SI-000252 - The maximum number of requests an application pool can process for each IIS 8.5 website must be explicitly set.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

IISW-SI-000256 - The maximum queue length for HTTP.sys for each IIS 8.5 website must be explicitly configured.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

SPLK-CL-000045 - Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

IDENTIFICATION AND AUTHENTICATION

SPLK-CL-000490 - Splunk Enterprise must accept the DOD CAC or other PKI credential for identity management and personal authentication.DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST APISplunk

IDENTIFICATION AND AUTHENTICATION