Item Search

Name	Audit Name	Plugin	Category
1.2.3 (L1) Ensure 'Allow Administrator account lockout' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL
1.2.3 (L1) Ensure 'Allow Administrator account lockout' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL
1.2.3 (L1) Ensure 'Allow Administrator account lockout' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
1.2.3 (L1) Ensure 'Allow Administrator account lockout' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL
2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.9 Ensure 'Allow log on locally' is set to 'Administrators' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.27.8 (L1) Ensure 'Control how Office handles form-based sign-in prompts' is set to 'Enabled: Block all prompts'	CIS Microsoft Intune for Office v1.1.0 L1	Windows	CONFIGURATION MANAGEMENT
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2012 Database L1 AWS RDS v1.6.0	MS_SQLDB	ACCESS CONTROL
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2014 Database L1 AWS RDS v1.5.0	MS_SQLDB	ACCESS CONTROL
3.10 Ensure Windows local groups are not SQL Logins	CIS SQL Server 2014 Database L1 DB v1.5.0	MS_SQLDB	ACCESS CONTROL
5.140 - The HBSS McAfee Agent is not installed. - FrameworkService	DISA Windows Vista STIG v6r41	Windows	CONFIGURATION MANAGEMENT
5.140 - The HBSS McAfee Agent is not installed. - masvc	DISA Windows Vista STIG v6r41	Windows	CONFIGURATION MANAGEMENT
18.3.5 Ensure 'WDigest Authentication' is set to 'Disabled' - Disabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.5.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.6.11.3 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL
18.8.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	SECURITY ASSESSMENT AND AUTHORIZATION
18.8.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.10.9.3.5 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.10.1.4 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higher	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.4 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higher	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.1.5 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higher	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.10.3.12 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.10.3.12 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	MEDIA PROTECTION
18.10.92.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.92.1.1 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.93.1.1 (L1) Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
19.1.3.4 Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
20.16 Ensure 'Default permissions for the HKEY_LOCAL_MACHINE registry hive must be maintained'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
20.16 Ensure 'Default permissions for the HKEY_LOCAL_MACHINE registry hive must be maintained'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
20.16 Ensure 'Default permissions for the HKEY_LOCAL_MACHINE registry hive must be maintained' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, CONFIGURATION MANAGEMENT
DG0096-ORACLE11 - The DBMS IA policies and procedures should be reviewed annually or more frequently.	DISA STIG Oracle 11 Installation v9r1 Windows	Windows
O365-CO-000027 - Flash player activation must be disabled in all Office programs.	DISA STIG Microsoft Office 365 ProPlus v3r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search