Item Search

Name	Audit Name	Plugin	Category
18.8.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
18.9.11.1.3 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.5 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.9.3.9 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.10.1.4 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higher	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.4 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higher	CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.5 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higher	CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.9 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v5.0.1 BL	Windows	MEDIA PROTECTION
DISA_F5_BIG-IP_Device_Management_v2r4.audit from DISA F5 BIG-IP Device Management v2r4 STIG	DISA F5 BIG-IP Device Management STIG v2r4	F5
DISA_STIG_MongoDB_Enterprise_Advanced_3.x_OS_Linux_v2r3.audit from DISA MongoDB Enterprise Advanced 3.x v2r3 STIG	DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS	Unix
DISA_STIG_VMware_vSphere_7.0_vCA_PostgreSQL_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance PostgreSQL v1r2 STIG	DISA STIG VMware vSphere 7.0 PostgreSQL v1r2	Unix
DISA_VMware_vSphere_8.0_vCenter_Appliance_Perfcharts_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1	DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1	Unix
WN12-CC-000121 - Users must not be presented with Privacy and Installation options on first use of Windows Media Player.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-CC-000127 - The Windows Remote Management (WinRM) service must not allow unencrypted traffic.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	MAINTENANCE
WN12-CC-000128 - The Windows Remote Management (WinRM) service must not store RunAs credentials.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-CC-000138 - The display of slide shows on the lock screen must be disabled (Windows 2012 R2).	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-CC-000140 - The network selection user interface (UI) must not be displayed on the logon screen (Windows 2012 R2).	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-CC-000145 - Automatically signing in the last interactive user after a system-initiated restart must be disabled (Windows 2012 R2).	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-GE-000007 - Permissions for program file directories must conform to minimum requirements	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-GE-000010 - The system must not boot into multiple operating systems (dual-boot).	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-GE-000016 - Windows 2012/2012 R2 passwords must be configured to expire.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-GE-000056 - Windows 2012 / 2012 R2 must automatically remove or disable temporary user accounts after 72 hours.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-PK-000004 - The US DoD CCEB Interoperability Root CA cross-certificates must be installed into the Untrusted Certificates Store on unclassified systems.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
WN12-RG-000001 - Standard user accounts must only have Read permissions to the Winlogon registry key.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-RG-000002 - Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key - compatability	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-SO-000005 - The built-in administrator account must be renamed.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000016 - The maximum age for machine account passwords must be set to requirements.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000017 - The system must be configured to require a strong session key.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000023 - The Windows dialog box title for the legal banner must be configured.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-SO-000027 - The Smart Card removal option must be configured to Force Logoff or Lock Workstation.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000033 - The Windows SMB server must perform SMB packet signing when possible.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000037 - IPv6 source routing must be configured to the highest protection level.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000043 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000055-MS - Named pipes that can be accessed anonymously must be configured to contain no values on member servers.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000061 - Services using Local System that use Negotiate when reverting to NTLM authentication must use the computer identity vs. authenticating anonymously.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-SO-000064 - Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-SO-000068 - The system must be configured to the required LDAP client signing level.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000077 - User Account Control approval mode for the built-in Administrator must be enabled.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-SO-000092 - Users must be required to enter a password to access private keys stored on the computer.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-UC-000003 - The screen saver must be password protected.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UC-000007 - The Windows Help Experience Improvement Program must be disabled.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-UR-000003 - The Act as part of the operating system user right must not be assigned to any groups or accounts.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000007 - The Back up files and directories user right must only be assigned to the Administrators group.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000013 - The Create global objects user right must only be assigned to Administrators, Service, Local Service, and Network Service.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000020-MS - The Deny log on locally user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems, and from unauthenticated access on all systems.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000028 - The Load and unload device drivers user right must only be assigned to the Administrators group.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000035 - The Perform volume maintenance tasks user right must only be assigned to the Administrators group.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000036 - The Profile single process user right must only be assigned to the Administrators group.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL

Detections

Analytics

Item Search