Item Search

Name	Audit Name	Plugin	Category
2.2 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges for the local server.	CIS Microsoft SharePoint 2016 OS v1.1.0	Windows	ACCESS CONTROL
2.2 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges for the local server.	CIS Microsoft SharePoint 2019 OS v1.0.0	Windows	ACCESS CONTROL
2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.44 Ensure 'Manage auditing and security log' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only)	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.3.28.2 (L1) Ensure 'Disable the Office client from polling the SharePoint Server for published links' is set to 'Enabled'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1	MDM	ACCESS CONTROL
2.7 (L1) Ensure expired and revoked SSL certificates are removed from the ESXi server	CIS VMware ESXi 7.0 v1.5.0 L1 Bare Metal	Unix	ACCESS CONTROL
3.1.2 Encrypt user data across the network	CIS IBM DB2 v10 v1.1.0 Windows OS Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
3.1.2 Encrypt user data across the network	CIS IBM DB2 v10 v1.1.0 Linux OS Level 1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1	MDM	ACCESS CONTROL
3.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1	MDM	ACCESS CONTROL
3.4.4 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less	MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1	MDM	ACCESS CONTROL
3.11 Ensure that the SharePoint Central Administration interface is not hosted in the DMZ.	CIS Microsoft SharePoint 2019 OS v1.0.0	Windows
3.11 Ensure that the SharePoint Central Administration interface is not hosted in the DMZ.	CIS Microsoft SharePoint 2016 OS v1.1.0	Windows
5.2 Ensure External File System Access is disabled - enable cis	CIS Sybase 15.0 L1 DB v1.1.0	SybaseDB
5.2 Ensure External File System Access is disabled - enable file access	CIS Sybase 15.0 L1 DB v1.1.0	SybaseDB
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 AWS RDS v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2016 Database L1 DB v1.4.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2022 Database L1 DB v1.1.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2017 Database L1 AWS RDS v1.3.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.3 Ensure 'Login Auditing' is set to 'failed logins'	CIS SQL Server 2017 Database L1 DB v1.3.0	MS_SQLDB	AUDIT AND ACCOUNTABILITY
5.14 (L1) Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
6.12.2 Ensure At Least 2 External SYSLOG Hosts are Set with Any/Info	CIS Juniper OS Benchmark v2.1.0 L2	Juniper	AUDIT AND ACCOUNTABILITY
7.6 Ensure TLS 1.2 is enabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
49.15 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
CIS VMware ESXi 5.5 v1.2.0 Level 2	CIS VMware ESXi 5.5 v1.2.0 Level 2	VMware
FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO.	DISA Fortigate Firewall NDM STIG v1r4	FortiGate	SYSTEM AND INFORMATION INTEGRITY
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected - enc-algorithm	DISA Fortigate Firewall STIG v1r3	FortiGate	SYSTEM AND INFORMATION INTEGRITY
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set certificate	DISA Fortigate Firewall STIG v1r3	FortiGate	SYSTEM AND INFORMATION INTEGRITY
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set mode	DISA Fortigate Firewall STIG v1r3	FortiGate	SYSTEM AND INFORMATION INTEGRITY
FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set server	DISA Fortigate Firewall STIG v1r3	FortiGate	SYSTEM AND INFORMATION INTEGRITY
Login: ssh - v1 is disabled	TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit	Alcatel	CONFIGURATION MANAGEMENT
OH12-1X-000012 - OHS must have the SSLFIPS directive enabled to protect the integrity of remote sessions in accordance with the categorization of data hosted by the web server.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	ACCESS CONTROL
OH12-1X-000295 - OHS must have the SSLFIPS directive enabled to implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting data that must be compartmentalized.	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
OH12-1X-000299 - OHS must have the SSLFIPS directive enabled so SSL requests can be processed with client certificates only issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs).	DISA STIG Oracle HTTP Server 12.1.3 v2r3	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
SYMP-AG-000370 - Symantec ProxySG providing user authentication intermediary services must use multifactor authentication for network access to nonprivileged accounts.	DISA Symantec ProxySG Benchmark ALG v1r3	BlueCoat	IDENTIFICATION AND AUTHENTICATION
SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - enable	DISA Symantec ProxySG Benchmark NDM v1r2	BlueCoat	AUDIT AND ACCOUNTABILITY
SYMP-NM-000080 - Symantec ProxySG must be configured to support centralized management and configuration of the audit log - Syslog IP	DISA Symantec ProxySG Benchmark NDM v1r2	BlueCoat	AUDIT AND ACCOUNTABILITY
SYMP-NM-000140 - Symantec ProxySG must back up event logs onto a different system or system component than the system or component being audited - Syslog Enabled	DISA Symantec ProxySG Benchmark NDM v1r2	BlueCoat	AUDIT AND ACCOUNTABILITY
WBLC-02-000077 - Oracle WebLogic must produce audit records containing sufficient information to establish where the events occurred.	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search