Item Search

Name	Audit Name	Plugin	Category
2.2.4 Ensure 'Act as part of the operating system' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.4 Ensure 'Act as part of the operating system' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.10 (L1) Ensure 'Back up files and directories' is set to 'Administrators, Backup Operators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.10 Ensure 'Back up files and directories' is set to 'Administrators, Backup Operators' - Administrators	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.13 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.13 Ensure 'Create a pagefile' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.16 Ensure 'Create permanent shared objects' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.16 Ensure 'Create permanent shared objects' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.17 (L1) Ensure 'Create symbolic links' is set to 'Administrators' (DC only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.18 Ensure 'Create symbolic links' is set to 'Administrators, NT VIRTUAL MACHINE\Virtual Machines' (MS only) - Administrators, NT VIRTUAL MACHINE\Virtual Machines	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.20 Ensure 'Deny access to this computer from the network' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.22 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.22 Ensure 'Deny log on as a service' to include 'Guests' - Guests	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.22 Ensure 'Deny log on as a service' to include 'Guests' - Guests	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.24 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.30 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only) - IIS_IUSRS	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.33 Ensure 'Lock pages in memory' is set to 'No One' - No One	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.34 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.35 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.35 Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) - Administrators	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.37 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.37 Ensure 'Modify firmware environment values' is set to 'Administrators' - Administrators	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.38 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.38 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.40 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' - Administrators, NT SERVICE\WdiServiceHost	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.41 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.41 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE' - LOCAL SERVICE, NETWORK SERVICE	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.42 (L1) Ensure 'Restore files and directories' is set to 'Administrators, Backup Operators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.42 (L1) Ensure 'Restore files and directories' is set to 'Administrators, Backup Operators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.42 Ensure 'Restore files and directories' is set to 'Administrators, Backup Operators' - Administrators	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.43 (L1) Ensure 'Shut down the system' is set to 'Administrators, Backup Operators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.43 Ensure 'Shut down the system' is set to 'Administrators, Backup Operators' - Administrators	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.44 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG	Windows	ACCESS CONTROL
2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured	CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.10.11 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
Access Credential Manager as a trusted caller	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	ACCESS CONTROL
Access Credential Manager as a trusted caller	MSCT Windows Server 2022 v1.0.0	Windows	ACCESS CONTROL
Create a token object	MSCT Windows Server 2022 v1.0.0	Windows	ACCESS CONTROL
Create global objects	MSCT Windows Server 2022 v1.0.0	Windows	ACCESS CONTROL
Create permanent shared objects	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	ACCESS CONTROL
Force shutdown from a remote system	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	ACCESS CONTROL
Manage auditing and security log	MSCT Windows Server 2022 v1.0.0	Windows	ACCESS CONTROL
Profile single process	MSCT Windows Server 2022 v1.0.0	Windows	ACCESS CONTROL
Restore files and directories	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	ACCESS CONTROL
Take ownership of files or other objects	MSCT Windows Server 2022 v1.0.0	Windows	ACCESS CONTROL

Detections

Analytics

Item Search