Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 Secure Login and Telnet Disabling - Enable SSH serverTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

1.1.2 (L1) Ensure two emergency access accounts have been definedCIS Microsoft 365 Foundations v5.0.0 L1 E3microsoft_azure

ACCESS CONTROL

1.2 Ensure that the SharePoint Central Administration Site is TLS-enabled - HTTPSCIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2 Ensure that the SharePoint Central Administration Site is TLS-enabled - Port 443CIS Microsoft SharePoint 2016 OS v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.2 Password Security Policy - a) The default password length shouldn't be below 8 charactersTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.2 Password Security Policy - b) The password must include either three of 'number', 'capital', 'lowercase', 'special-character' or set the 'character-set-num' value to 3-4Tenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.2 Password Security Policy - c) Configure 'strong-password dictionary' and 'same-consecutive' to avoid weak password - same-consecutiveTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.2 Password Security Policy - c) Configure 'strong-password dictionary' and 'same-consecutive' to avoid weak password - strong-password dictionaryTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.2 Password Security Policy - e) Check for strong-password max-lengthTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.2 Password Security Policy - e) Check for strong-password max-length - strong-password date-check enableTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.2 Password Security Policy - f) The validity period of an account can be configuredTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

1.5 FTP/SFTP Access Authorization - login-type-allowedTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

1.5 FTP/SFTP Access Authorization - sftp top-directoryTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

1.6 Support Web Access Security - a) ciphersuiteTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.6 Support Web Access Security - b) ssl-context fieldTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.8 SSH Strong Algorithm - b) Disable encryption 3des-cbcTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.8 SSH Strong Algorithm - e) Disable encryption aes256-cbcTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.8 SSH Strong Algorithm - g) Disable hmac md5Tenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.8 SSH Strong Algorithm - h) Disable hmac noneTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

1.9 SSL Strong Algorithm - c) pki-profileTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 NTP Security Protection - a) Enable NTPTenable ZTE ROSNGZTE_ROSNG

AUDIT AND ACCOUNTABILITY

2.2 NTP Security Protection - b) NTP access-groupTenable ZTE ROSNGZTE_ROSNG

SYSTEM AND COMMUNICATIONS PROTECTION

2.2 NTP Security Protection - c) NTP Auth-key encryptedTenable ZTE ROSNGZTE_ROSNG

AUDIT AND ACCOUNTABILITY

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.8 (L1) Ensure 'Allow log on locally' is set to 'Administrators' (MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.24 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.2.27 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.2.27 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.3 Disable the Proxy ARP Function - b) No inter-vlan-proxyTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

2.3 Disable the Proxy ARP Function - d) No local-proxy-arpTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

2.4 Disable the IP Unreachable FunctionTenable ZTE ROSNGZTE_ROSNG

CONFIGURATION MANAGEMENT

3.1 Authentication and Verification of OSPF Routing Protocols - authentication message-digestTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

3.1 Authentication and Verification of OSPF Routing Protocols - message-digest-keyTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

3.2 Authentication and Verification of ISIS Routing Protocols - authenticationTenable ZTE ROSNGZTE_ROSNG

IDENTIFICATION AND AUTHENTICATION

3.3 Ensure Auto-Scaling Launch Configuration for Web-Tier is configured to use an approved Amazon Machine ImageCIS Amazon Web Services Three-tier Web Architecture L1 1.0.0amazon_aws

CONFIGURATION MANAGEMENT

CIS_Cisco_IOS_XE_17.x_v2.1.1_L1.audit from CIS Cisco IOS XE 17.x Benchmark v2.1.1CIS Cisco IOS XE 17.x v2.1.1 L1Cisco
SP13-00-000020 - SharePoint must use cryptography to protect the integrity of the remote access session.DISA STIG SharePoint 2013 v2r4Windows

ACCESS CONTROL

SP13-00-000110 - SharePoint must ensure authentication of both client and server during the entire session. An example of this is SSL Mutual Authentication.DISA STIG SharePoint 2013 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SP13-00-000135 - SharePoint must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission, unless the transmitted data is otherwise protected by alternative physical measures.DISA STIG SharePoint 2013 v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SV-000101 - The Microsoft FTP service must not be installed unless required.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SV-000101 - The Microsoft FTP service must not be installed unless required.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT