Item Search

Name	Audit Name	Plugin	Category
1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
3.2.1.18 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'	AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1	MDM	ACCESS CONTROL
4.6.5 Ensure default user umask is 027 or more restrictive	CIS Amazon Linux 2023 Server L1 v1.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.4 Ensure 'HomeGroup Provider (HomeGroupProvider)' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.4 Ensure 'HomeGroup Provider (HomeGroupProvider)' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.6.5 Ensure default user umask is 027 or more restrictive	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.6.5 Ensure default user umask is 027 or more restrictive	CIS Fedora 28 Family Linux Server L1 v2.0.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.30 (L2) Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L2	Windows	CONFIGURATION MANAGEMENT
5.30 (L2) Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	CONFIGURATION MANAGEMENT
5.31 Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.31 Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
18.10.15.2 Ensure 'Allow Diagnostic Data' is set to 'Enabled: Send required diagnostic data' or 'Enabled: Send optional diagnostic data' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.10.15.2 Ensure 'Allow Diagnostic Data' is set to 'Enabled: Send required diagnostic data' or 'Enabled: Send optional diagnostic data' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
20.10 Ensure 'Active Directory SYSVOL directory must have the proper access control permissions' (STIG DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
20.10 Ensure 'Active Directory SYSVOL directory must have the proper access control permissions' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.10 Ensure 'Active Directory SYSVOL directory must have the proper access control permissions' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
20.23 Ensure 'Domain controllers have a PKI server certificate' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
20.23 Ensure 'Domain controllers have a PKI server certificate' (STIG DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
20.64 Ensure 'TFTP Client' is 'not installed'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
20.64 Ensure 'TFTP Client' is 'not installed'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
AADC-CL-000275 - Adobe Acrobat Pro DC Classic PDF file attachments must be blocked.	DISA STIG Adobe Acrobat Pro DC Classic Track v2r1	Windows	CONFIGURATION MANAGEMENT
AADC-CL-001015 - Adobe Acrobat Pro DC Classic Protected View must be enabled.	DISA STIG Adobe Acrobat Pro DC Classic Track v2r1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-14-000005 - The macOS system must be configured to lock the user session when a smart token is removed.	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	ACCESS CONTROL
AOSX-14-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.	DISA STIG Apple Mac OSX 10.14 v2r6	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
AOSX-15-000005 - The macOS system must be configured to lock the user session when a smart token is removed.	DISA STIG Apple Mac OSX 10.15 v1r10	Unix	ACCESS CONTROL
APPL-11-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.	DISA STIG Apple macOS 11 v1r5	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
APPL-11-003020 - The macOS system must use multifactor authentication for local access to privileged and non-privileged accounts.	DISA STIG Apple macOS 11 v1r8	Unix	IDENTIFICATION AND AUTHENTICATION
APPL-12-001060 - The macOS system must accept and verify Personal Identity Verification (PIV) credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions - PIV credentials, implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, and only allow the use of DoD PKI-established certificate authorities to verify the establishment of protected sessions.	DISA STIG Apple macOS 12 v1r9	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
APPL-14-003020 The macOS system must enforce smart card authentication.	DISA Apple macOS 14 (Sonoma) STIG v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
APPL-14-003030 The macOS system must allow smart card authentication.	DISA Apple macOS 14 (Sonoma) STIG v2r3	Unix	IDENTIFICATION AND AUTHENTICATION
APPL-15-000033 - The macOS system must disable FileVault automatic login.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	ACCESS CONTROL
APPL-15-003020 - The macOS system must enforce smart card authentication.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	IDENTIFICATION AND AUTHENTICATION
APPL-15-003030 - The macOS system must allow smart card authentication.	DISA Apple macOS 15 (Sequoia) STIG v1r3	Unix	IDENTIFICATION AND AUTHENTICATION
Big Sur - Out of Scope Supplemental	NIST macOS Big Sur v1.4.0 - All Profiles	Unix	CONFIGURATION MANAGEMENT
DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements.	DISA STIG Oracle 11 Installation v9r1 Windows	Windows
DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5	Unix	SYSTEM AND INFORMATION INTEGRITY
KNOX-07-013100 - The Samsung Android 7 with Knox must implement the management setting: Disable Manual Date Time Changes.	MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1	MDM	CONFIGURATION MANAGEMENT
MD3X-00-001100 - MongoDB must be configured in accordance with the security configuration settings based on DoD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs.	DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS	Unix	CONFIGURATION MANAGEMENT
WN12-SO-000036 - Automatic logons must be disabled.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000036 - Automatic logons must be disabled.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search