| CIS_MS_IIS_10_v1.2.1_Level_2.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 2 | Windows | |
| WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - '.asax' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - '.inc file permissions' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - '.inc' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - 'global.asax' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - '.bat mappings' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - '.cmd mappings' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - 'Allowed Web Service Extensions' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - 'Index Server Web Interface Disallowed' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - 'Internet Data Connector Disallowed' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - 'Server Side Includes Disallowed' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI092 IIS6 - The IIS web site permissions 'Write' or 'Script Source' must not be selected. - 'Script Source permission check' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI120 IIS6 - The Content Location header must not contain proprietary IP addresses. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6026 IIS6 - The maximum used memory monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6028 IIS6 - The Shutdown worker processes Idle Timeout monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6032 IIS6 - The Enable pinging monitor must be enabled. - 'PingingEnabled set to True' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6034 IIS6 - The Enable rapid-fail protection monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6036 IIS6 - The Enable rapid-fail time period monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6040 IIS6 - A unique non-privileged account must be used to run Worker Process Identities. - 'AppPoolIdentityType = 3 - WAMUserName' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI6040 IIS6 - A unique non-privileged account must be used to run Worker Process Identities. - 'AppPoolIdentityType Check' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WG110 IIS6 - Web sites must limit the number of simultaneous requests. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WG140 IIS6 - A private web sites authentication mechanism must use client certificates. - 'AccessSSLRequireCert Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG145 IIS6 - The private web server must use an approved DoD certificate validation process. - 'Check W3SVC CertCheckMode' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WG145 IIS6 - The private web server must use an approved DoD certificate validation process. - 'Check W3SVC/WEBSITES CertCheckMode' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG170 IIS6 - Each readable web document directory must contain a default, home, index or equivalent file. - 'DefaultDoc' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG170 IIS6 - Each readable web document directory must contain a default, home, index or equivalent file. - 'EnableDefaultDoc set to True' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG205 IIS6 - The web document (home) directory must be on a separate partition from the web servers system files. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG210 IIS6 - Web content directories must not be anonymously shared. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG235 IIS6 - Web Administrators must secure encrypted connections for Document Root directory uploads. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG242 IIS6 - Log file data must contain required data elements. - 'Logging Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | AUDIT AND ACCOUNTABILITY |
| WG250 IIS6 - Users other than Auditors group must not have greater than read access to log files. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - '128-Bit Encryption Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'PCT 1.0 Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'PCT 1.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 3.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'TLS 1.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG350 IIS6 - A private web server must have a valid server certificate. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'CGI Directory Permissions' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Enable Parent Paths set to False' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Execute Permissions set 'Script only' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - Enable Parent Paths set to False' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG430 IIS6 - Anonymous FTP users must not have access to interactive scripts. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
