Item Search

NameAudit NamePluginCategory
1.1.2.17 Set 'Audit Policy: Account Management: Security Group Management' to 'Success and Failure'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.3 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.3 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.3.6.5 Set 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' to '4 or fewer logon(s)'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.3.6.7 Set 'Interactive logon: Prompt user to change password before expiration' to '14 or more day(s)'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.1.4 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the admission control plugin ServiceAccount is setCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

ACCESS CONTROL

1.3 Ensure 'Make pattern visible' is set to 'Disabled' (if using a pattern as device lock mechanism)AirWatch - CIS Google Android v1.3.0 L1MDM

CONFIGURATION MANAGEMENT

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows

CONFIGURATION MANAGEMENT

2.3 Ensure authentication is enabled in the sharded clusterCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3 Lock the BIND User AccountCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

ACCESS CONTROL

2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

ACCESS CONTROL

2.4 Ensure an industry standard authentication mechanism is used - authorizationCIS MongoDB 3.4 L2 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - authorizationCIS MongoDB 3.4 L2 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - modeCIS MongoDB 3.4 L2 Unix Audit v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4.1 Ensure 'Allow simple value' is set to 'Disabled'AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1MDM

CONFIGURATION MANAGEMENT

3.4.1 Ensure 'Allow simple value' is set to 'Disabled'AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1MDM

CONFIGURATION MANAGEMENT

4.1 Ensure SharePoint displays an approved system use notification message or banner before granting access to the system.CIS Microsoft SharePoint 2016 OS v1.1.0Windows

ACCESS CONTROL

5.4.1.4 Ensure inactive password lock is 30 days or less - usersCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.4.2 Ensure system accounts are non-loginCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

6.2.15 Ensure all groups in /etc/passwd exist in /etc/groupCIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

6.2.17 Ensure no duplicate GIDs existCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.17 Ensure no duplicate GIDs existCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.17 Ensure no duplicate GIDs existCIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.18 Ensure no duplicate user names existCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

6.2.18 Ensure no duplicate user names existCIS Amazon Linux v2.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

6.2.19 Ensure no duplicate group names existCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

IDENTIFICATION AND AUTHENTICATION

Accounts: Limit local account use of blank passwords to console logon onlyMSCT Windows 10 1909 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Audit Security Group ManagementMSCT Windows 10 1803 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v2004 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 10 v21H2 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v1909 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2012 R2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2019 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 10 v1507 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Domain member: Disable machine account password changesMSCT Windows Server 1903 DC v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows Server 2019 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows Server 2012 R2 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Ensure at/cron is restricted to authorized users - at.allowTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Ensure no duplicate user names existTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Ensure SSH PermitEmptyPasswords is disabledTenable Cisco Firepower Management Center OS Best Practices AuditUnix

IDENTIFICATION AND AUTHENTICATION

Enumerate administrator accounts on elevationMSCT Windows 10 v21H2 v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Network access: Do not allow anonymous enumeration of SAM accountsMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL