Item Search

NameAudit NamePluginCategory
2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.8.37.1 Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

CONFIGURATION MANAGEMENT

18.8.37.1 Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only) - EnabledCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

18.9.77.10.2 Ensure 'Turn on e-mail scanning' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain ControllerWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

WN19-DC-000390 - Windows Server 2019 Deny log on as a service user right must be configured to include no accounts or groups (blank) on domain controllers.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL