Item Search

Name	Audit Name	Plugin	Category
2.2.27 (L1) Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only)	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.31 Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.34 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.35 Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.7.2 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.7.2 Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.7.3 (L1) Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS	Windows	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/login.defs	CIS Debian Family Workstation L1 v1.0.0	Unix	ACCESS CONTROL
5.4.4 Ensure default user umask is 027 or more restrictive - /etc/pam.d/common-session	CIS Debian Family Server L1 v1.0.0	Unix	ACCESS CONTROL
18.9.26.1 (L1) Ensure 'Allow Custom SSPs and APs to be loaded into LSASS' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.26.1 (L1) Ensure 'Allow Custom SSPs and APs to be loaded into LSASS' is set to 'Disabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.26.1 (L1) Ensure 'Allow Custom SSPs and APs to be loaded into LSASS' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.59.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.56.3.3.4 (L1) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.1 (L2) Ensure 'Allow UI Automation redirection' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.1 (L2) Ensure 'Allow UI Automation redirection' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.1 (L2) Ensure 'Allow UI Automation redirection' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.4 (L2) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.4 (L2) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.4 (L2) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.4 (L2) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.4 (L2) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.4 (L2) Ensure 'Do not allow location redirection' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.82.1 (L1) Ensure 'Configure the transmission of the user's password in the content of MPR notifications sent by winlogon.' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
19.7.8.5 (L1) Ensure 'Turn off Spotlight collection on Desktop' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
34.2 (L1) Ensure 'Allow Spotlight Collection (User)' is set to '0'	CIS Microsoft Intune for Windows 11 v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
Choose drive encryption method and cipher strength	MSCT Windows 10 v1507 v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Interactive logon: Smart card removal behavior	MSCT Windows 10 1909 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v21H1 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2025 DC v2506 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v22H2 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server v20H2 MS v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 1903 v1.19.9	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 10 v2004 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server v1909 DC v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server v2004 DC v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows 11 v23H2 v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Smart card removal behavior	MSCT Windows Server 2025 MS v2506 v1.0.0	Windows	ACCESS CONTROL
WN22-DC-000410 - Windows Server 2022 Deny log on through Remote Desktop Services user right on domain controllers must be configured to prevent unauthenticated access.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	ACCESS CONTROL

Detections

Analytics

Item Search