Item Search

Name	Audit Name	Plugin	Category
1.2 Set 'Maximum receive size - organization level' to '10240'	CIS Microsoft Exchange Server 2016 Hub v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG	Windows	CONFIGURATION MANAGEMENT
18.9.30.2 Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.9.41.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.41.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.10.9.1.7 (L1) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	MEDIA PROTECTION
18.10.9.3.7 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.9.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.9.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	MEDIA PROTECTION
18.10.10.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	MEDIA PROTECTION
18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.12 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.36.1 Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.37.2 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
19.1.3.4 Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search