Item Search

Name	Audit Name	Plugin	Category
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.2.12 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.14 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.7.5 (L2) Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.4 (L1) Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.6.1 (L1) Ensure 'Audit Detailed File Share' is set to include 'Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION
17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.2.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.3.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.3.5 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.4.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.4.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.5 (L1) Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.34.6.1 (L1) Ensure 'Require a password when a computer wakes (on battery)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.53.1.1 (L2) Ensure 'Enable Windows NTP Client' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.8.1 (L1) Ensure 'Disallow Autoplay for non-volume devices' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	MEDIA PROTECTION
18.9.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	MEDIA PROTECTION
18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.25.1 (L1) Ensure 'EMET 5.52' or higher is installed	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.27.3.2 (L1) Ensure 'Setup: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.4.2 (L1) Ensure 'System: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.9.65.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.90.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.102.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.102.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.108.1.1 (L1) Ensure 'Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.1.4 (L1) Ensure 'Reschedule Automatic Updates scheduled installations' is set to 'Enabled: 1 minute'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.2.2 (L1) Ensure 'Configure Automatic Updates: Scheduled install day' is set to '0 - Every day'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
19.7.47.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search