Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.4 Ensure 'application pool identity' is configured for all application poolsCIS IIS 7 L1 v1.8.0Windows

ACCESS CONTROL

2.1.18 Ensure web server services are not in useCIS Debian Linux 12 v1.1.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS AlmaLinux OS 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Oracle Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Rocky Linux 9 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Debian Linux 12 v1.1.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Rocky Linux 9 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.1.18 Ensure web server services are not in useCIS Ubuntu Linux 22.04 LTS v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.19 Ensure web server services are not in useCIS SUSE Linux Enterprise 15 v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.1.19 Ensure web server services are not in useCIS SUSE Linux Enterprise 15 v2.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS Red Hat EL8 Server L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS AlmaLinux OS 8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS CentOS Linux 7 v4.0.0 L1 WorkstationUnix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS Amazon Linux 2 v3.0.0 L1Unix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS Oracle Linux 8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

2.2.18 Ensure web server services are not in useCIS Red Hat EL8 Workstation L1 v3.0.0Unix

CONFIGURATION MANAGEMENT

5.5 Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.5 Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

5.6 (L1) Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

5.6 (L1) Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

CONFIGURATION MANAGEMENT

5.7 (L1) Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.7 (L1) Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.28 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

5.29 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.29 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.33 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

5.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

5.35 Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

CONFIGURATION MANAGEMENT

IIST-SI-000215 - Mappings to unused and vulnerable scripts on the IIS 10.0 website must be removed.DISA IIS 10.0 Site v2r11Windows

CONFIGURATION MANAGEMENT

IIST-SI-000252 - The maximum number of requests an application pool can process for each IIS 10.0 website must be explicitly set.DISA IIS 10.0 Site v2r11Windows

CONFIGURATION MANAGEMENT

IIST-SI-000255 - The application pool for each IIS 10.0 website must have a recycle time explicitly set.DISA IIS 10.0 Site v2r11Windows

CONFIGURATION MANAGEMENT

IIST-SI-000261 - Interactive scripts on the IIS 10.0 web server must be located in unique and designated folders.DISA IIS 10.0 Site v2r11Windows

CONFIGURATION MANAGEMENT

IIST-SV-000118 - The IIS 10.0 web server must only contain functions necessary for operation.DISA IIS 10.0 Server v2r10Windows

CONFIGURATION MANAGEMENT

IIST-SV-000118 - The IIS 10.0 web server must only contain functions necessary for operation.DISA IIS 10.0 Server v3r3Windows

CONFIGURATION MANAGEMENT

IIST-SV-000129 - The IIS 10.0 web server must perform RFC 5280-compliant certification path validation.DISA IIS 10.0 Server v2r10Windows

IDENTIFICATION AND AUTHENTICATION

IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND INFORMATION INTEGRITY

IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.DISA IIS 10.0 Server v3r3Windows

SYSTEM AND INFORMATION INTEGRITY

IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000252 - The maximum number of requests an application pool can process for each IIS 8.5 website must be explicitly set.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

IISW-SI-000258 - The application pools rapid fail protection for each IIS 8.5 website must be enabled.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

IISW-SI-000263 - Backup interactive scripts on the IIS 8.5 server must be removed.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

IISW-SI-000264 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website.DISA IIS 8.5 Site v2r9Windows

CONFIGURATION MANAGEMENT

IISW-SV-000129 - The IIS 8.5 web server must perform RFC 5280-compliant certification path validation.DISA IIS 8.5 Server v2r7Windows

IDENTIFICATION AND AUTHENTICATION

IISW-SV-000137 - The production IIS 8.5 web server must utilize SHA2 encryption for the Machine Key.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND INFORMATION INTEGRITY

WG190 IIS6 - The web server must use a vendor-supported version of the web server software.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND INFORMATION INTEGRITY

WG242 IIS6 - Log file data must contain required data elements. - 'Logging Enabled'DISA STIG IIS 6.0 Site Checklist v6r16Windows

AUDIT AND ACCOUNTABILITY

WG242 IIS6 - Log file data must contain required data elements. - 'Logging Properties Set Correctly'DISA STIG IIS 6.0 Site Checklist v6r16Windows

AUDIT AND ACCOUNTABILITY