1.1.1.2 Ensure mounting of squashfs filesystems is disabled | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.3.6.2 Set 'Interactive logon: Smart card removal behavior' to 'Lock Workstation' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
1.1.3.6.6 Set 'Interactive logon: Require Domain Controller authentication to unlock workstation' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
1.1.11 Ensure separate partition exists for /var/tmp | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
1.1.17 Ensure separate partition exists for /home | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
1.1.27 Disable Automounting | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | MEDIA PROTECTION |
1.5.3 Configure Netflow on Strategic Ports | CIS Cisco NX-OS v1.2.0 L2 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
2.2.3 Ensure Avahi Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
4.1.1.1 Ensure auditd is installed | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.1.2.2 Ensure audit logs are not automatically deleted | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.1.2.7 Ensure audit_backlog_limit is sufficient | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.1.3.1 Ensure events that modify date and time information are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.1.3.2 Ensure system administrator command executions (sudo) are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
4.1.3.6 Ensure successful file system mounts are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
18.10.29.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONFIGURATION MANAGEMENT |
Audit insecure guest logon - LanmanWorkstation AuditInsecureGuestLogon | MSCT Windows Server 2025 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit insecure guest logon - LanmanWorkstation AuditInsecureGuestLogon | MSCT Windows Server 2025 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit server does not support encryption | MSCT Windows 11 v24H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit server does not support encryption - AuditServerDoesNotSupportEncryption | MSCT Windows Server 2025 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit server does not support encryption - AuditServerDoesNotSupportEncryption | MSCT Windows Server 2025 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit server does not support signing | MSCT Windows 11 v24H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit server does not support signing - AuditServerDoesNotSupportSigning | MSCT Windows Server 2025 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit server does not support signing - AuditServerDoesNotSupportSigning | MSCT Windows Server 2025 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
CISC-RT-000680 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
Enable insecure guest logons | MSCT Windows 10 1809 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows 10 1903 v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server v1909 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server v2004 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server v2004 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server 2019 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server v20H2 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows 10 v21H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows 10 1909 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows Server 2019 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows 11 v24H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons | MSCT Windows 11 v23H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable insecure guest logons - AllowInsecureGuestAuth | MSCT Windows Server 2025 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enable remote mailslots - NetworkProvider EnableMailslots | MSCT Windows Server 2025 MS v1.0.0 | Windows | |
Mandate the maximum version of SMB - LanmanWorkstation | MSCT Windows 11 v24H2 v1.0.0 | Windows | |
Mandate the minimum version of SMB - LanmanWorkstation | MSCT Windows 11 v24H2 v1.0.0 | Windows | |
Mandate the minimum version of SMB - MinSmb2Dialect | MSCT Windows Server 2025 DC v1.0.0 | Windows | |
Require Encryption | MSCT Windows 11 v24H2 v1.0.0 | Windows | |
WN10-CC-000040 - Insecure logons to an SMB server must be disabled. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
WN11-CC-000040 - Insecure logons to an SMB server must be disabled. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
WN16-CC-000080 - Insecure logons to an SMB server must be disabled. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |