Item Search

Name	Audit Name	Plugin	Category
1.2.2 Ensure 'Host Name' is set	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.2.3 Ensure 'Failover' is enabled	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
1.2.4 Ensure 'Unused Interfaces' is disable	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.3.1 Pre-authentication Banner	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.3.2 Post-authentication Banner	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.7.1 Pre-authentication Banner	CIS Cisco IOS XR 7.x v1.0.1 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.7.2 Disable iPXE (Pre-boot eXecution Environment)	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
1.7.2 Post-authentication Banner	CIS Cisco IOS XR 7.x v1.0.1 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
2.4 Ensure DHCP services are disabled for untrusted interfaces	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
2.4.4 Ensure idle timeout time is configured	CIS Fortigate 7.0.x v1.4.0 L1	FortiGate	ACCESS CONTROL, CONFIGURATION MANAGEMENT
2.5 Ensure ICMP is restricted for untrusted interfaces	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
2.5.2 Ensure "Monitor Interfaces" for High Availability devices is enabled	CIS Fortigate 7.0.x v1.4.0 L1	FortiGate	ACCESS CONTROL, CONFIGURATION MANAGEMENT
2.5.3 Ensure HA Reserved Management Interface is configured	CIS Fortigate 7.0.x v1.4.0 L1	FortiGate	ACCESS CONTROL, CONFIGURATION MANAGEMENT
3.1 Ensure DNS services are configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.1 Ensure That the Default Network Does Not Exist in a Project	CIS Google Cloud Platform Foundation v4.0.0 L2	GCP	ACCESS CONTROL, CONFIGURATION MANAGEMENT
3.1.2.3 Configure BGP Authentication	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.2 Ensure intrusion prevention is enabled for untrusted interfaces	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
3.2.2 Disable ICMP Redirects on all Layer 3 Interfaces	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.2.3 Disable Proxy ARP on all Layer 3 Interfaces	CIS Cisco NX-OS v1.2.0 L1	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.3 Ensure packet fragments are restricted for untrusted interfaces	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.8 Ensure 'security-level' is set to '0' for Internet-facing interface	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.9 Ensure Botnet protection is enabled for untrusted interfaces	CIS Cisco ASA 9.x Firewall L2 v1.1.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.9 Ensure Botnet protection is enabled for untrusted interfaces	CIS Cisco Firewall v8.x L1 v4.2.0	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.12 Ensure explicit deny in access lists is configured correctly	CIS Cisco ASA 9.x Firewall L1 v1.1.0	Cisco	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
4.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Intune for Windows 10 v4.0.0 L2	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
4.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Intune for Windows 11 v4.0.0 L2	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
4.8 Ensure access SSH to CLI interface is restricted to needed IP addresses only	CIS F5 Networks v1.0.0 L1	F5	ACCESS CONTROL, CONFIGURATION MANAGEMENT
5.2.1 Ensure that 'trusted locations' are defined	CIS Microsoft Azure Foundations v5.0.0 L2	microsoft_azure	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L2 MS	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2016 v4.0.0 L2 MS	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2019 v4.0.0 L2 DC	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.10 Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 11 Enterprise v5.0.1 L2	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.11 (L1) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.11 Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 11 Enterprise v5.0.1 L2	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
18.5.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search