Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2 (L1) Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION

17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.3.1 (L1) Ensure 'Audit Process Creation' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.4.2 (L1) Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only)CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

17.6.3 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

18.4.2 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.5.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' is set to 'Enabled: 5 or fewer seconds'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.6.4.1 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.8.1.1 (L2) Ensure 'Turn off notifications network usage' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.19.4 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.9.20.1.3 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.20.1.10 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.25.1 (L1) Ensure 'Configure password backup directory' is set to 'Enabled: Active Directory' or 'Enabled: Azure Active Directory'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

CONTINGENCY PLANNING

18.9.25.1 Ensure 'Configure password backup directory' is set to 'Enabled: Active Directory' or 'Enabled: Azure Active Directory'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

CONTINGENCY PLANNING

18.9.27.4 (L1) Ensure 'Turn off app notifications on the lock screen' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.48.1 (L2) Ensure 'Turn off the advertising ID' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.14.2 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.10.24.4 (L1) Ensure 'Default Protections for Popular Software' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.24.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.26.2.1 (L1) Ensure 'Security: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

18.10.26.2.2 (L1) Ensure 'Security: Specify the maximum log file size (KB)' is set to 'Enabled: 196,608 or greater'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

18.10.43.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.16 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.10.57.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.57.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.57.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.59.2 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.77.2.1 (L1) Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.10.89.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.89.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.93.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

19.5.1.1 (L1) Ensure 'Turn off toast notifications on the lock screen' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

19.7.42.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Windows Server 2012 R2 DC L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

DISA_STIG_MSSQL_2012_Database_v1r20.audit from DISA Microsoft SQL Server Instance 2012 v1r20 STIGDISA STIG SQL Server 2012 Database Audit v1r20MS_SQLDB
WDNS-SC-000011 - The Windows 2012 DNS Server must be configured to validate an authentication chain of parent and child domains via response data.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION