Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.5 (L1) Ensure 'Allow log on locally' is set to 'Administrators' (MS only)CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.6 Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.8 (L1) Ensure 'Allow log on locally' is set to 'Administrators' (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.10 Ensure 'Back up files and directories' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.11 (L1) Ensure 'Back up files and directories' is set to 'Administrators'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.12 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.15 (L1) Ensure 'Create a token object' is set to 'No One'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.18 (L1) Ensure 'Deny log on as a service' to include 'Guests'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.21 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' (DC only)CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.22 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account and member of Administrators group' (MS only)CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.23 (L1) Ensure 'Deny log on as a batch job' to include 'Guests'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.24 (L1) Ensure 'Deny log on as a service' to include 'Guests'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.26 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only)CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.27 (L1) Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.31 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.32 (L1) Ensure 'Profile single process' is set to 'Administrators'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.33 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.34 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators, Window Manager\Window Manager Group'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.36 (L1) Ensure 'Lock pages in memory' is set to 'No One'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.37 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)CIS Microsoft Windows Server 2016 v3.0.0 L2 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.37 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)CIS Microsoft Windows Server 2025 v1.0.0 L2 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.39 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.40 (L1) Ensure 'Modify an object label' is set to 'No One'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.40 (L1) Ensure 'Modify an object label' is set to 'No One'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.41 Ensure 'Load and unload device drivers' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.42 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.43 (L1) Ensure 'Profile single process' is set to 'Administrators'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.46 (L1) Ensure 'Restore files and directories' is set to 'Administrators'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.48 Ensure 'Modify firmware environment values' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'DBMS_CREDENTIAL' PackageCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "DBMS_CREDENTIAL" PackageCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.10 Minimize access to the proxy sub-resource of nodesCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.11 Minimize access to the approval sub-resource of certificatesigningrequests objectsCIS Kubernetes v1.10.0 L1 MasterUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

DG7003-ORACLE11 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device.DISA STIG Oracle 11 Installation v9r1 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\Network\Log\listener.log file permissions are correct'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\Log\sqlnet.log file permissions are correct'DISA STIG Oracle 11 Installation v9r1 WindowsWindows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '$ORACLE_HOME/network/log/sqlnet.log mode 640'DISA STIG Oracle 11 Installation v9r1 LinuxUnix

AUDIT AND ACCOUNTABILITY

SHPT-00-000465 - SharePoint must support the requirement that privileged access is further defined between audit-related privileges and other privileges.DISA STIG SharePoint 2010 v1r9Windows

AUDIT AND ACCOUNTABILITY

WG250 IIS6 - Users other than Auditors group must not have greater than read access to log files.DISA STIG IIS 6.0 Site Checklist v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG250 W22 - Log file access must be restricted to System Administrators, Web Administrators or Auditors.DISA STIG Apache Site 2.2 Windows v1r13Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG255 IIS6 - Access to the web site log files must be restricted.DISA STIG IIS 6.0 Site Checklist v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG255 W22 - Access to the web server log files must be restricted to Administrators, the user assigned to run the web server software, Web Manager, and Auditors.DISA STIG Apache Site 2.2 Windows v1r13Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\oblt-log.logDISA STIG IIS 6.0 Server v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\oblt-rep.logDISA STIG IIS 6.0 Server v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\oblt-undo.logDISA STIG IIS 6.0 Server v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\oblt-undone.lobDISA STIG IIS 6.0 Server v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG300 W22 - Web server system files must conform to minimum file permission requirements. - 'logs'DISA STIG Apache Server 2.2 Windows v1r13Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT