Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.3 Ensure 'Failover' is enabledCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

1.2.4 Ensure 'Unused Interfaces' is disableCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.3.1 Pre-authentication BannerCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.3.2 Post-authentication BannerCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.7.1 Pre-authentication BannerCIS Cisco IOS XR 7.x v1.0.1 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.7.2 Disable iPXE (Pre-boot eXecution Environment)CIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.7.2 Post-authentication BannerCIS Cisco IOS XR 7.x v1.0.1 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

2.4 Ensure DHCP services are disabled for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure ICMP is restricted for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5.3 Ensure HA Reserved Management Interface is configuredCIS Fortigate 7.0.x v1.3.0 L1FortiGate

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1 Ensure DNS services are configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ensure That the Default Network Does Not Exist in a ProjectCIS Google Cloud Platform Foundation v4.0.0 L2GCP

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.1.1 Configure EIGRP Authentication on all EIGRP Routing DevicesCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.2.3 Configure BGP AuthenticationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.4.4 Configure HSRP protectionsCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2 Ensure intrusion prevention is enabled for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.2.2 Disable ICMP Redirects on all Layer 3 InterfacesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2.3 Disable Proxy ARP on all Layer 3 InterfacesCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3 Ensure packet fragments are restricted for untrusted interfacesCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5 Ensure That RSASHA1 Is Not Used for the Zone-Signing Key in Cloud DNS DNSSECCIS Google Cloud Platform Foundation v4.0.0 L1GCP

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.5.1 Basic Fiber Channel ConfigurationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.8 Ensure 'security-level' is set to '0' for Internet-facing interfaceCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure Botnet protection is enabled for untrusted interfacesCIS Cisco ASA 9.x Firewall L2 v1.1.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure Botnet protection is enabled for untrusted interfacesCIS Cisco Firewall v8.x L1 v4.2.0Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.12 Ensure explicit deny in access lists is configured correctlyCIS Cisco ASA 9.x Firewall L1 v1.1.0Cisco

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

4.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Intune for Windows 11 v4.0.0 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

4.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Intune for Windows 11 v4.0.0 L2Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

4.7 Ensure to set Strong SSH KEY Exchange algorithmCIS F5 Networks v1.0.0 L1F5

ACCESS CONTROL, CONFIGURATION MANAGEMENT

6.2.1 Ensure that 'trusted locations' are definedCIS Microsoft Azure Foundations v4.0.0 L2microsoft_azure

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2025 v1.0.0 L2 DCWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2016 v4.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MSWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NGWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NGWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L1) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT

18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

ACCESS CONTROL, CONFIGURATION MANAGEMENT