Item Search

Name	Audit Name	Plugin	Category
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.2.8 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.9 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only) - Administrators, Remote Desktop Users	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.10 (L1) Ensure 'Back up files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.12 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.14 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.18 (L1) Ensure 'Create symbolic links' is set to 'Administrators, NT VIRTUAL MACHINE\Virtual Machines' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.33 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.40 (L1) Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.45 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.6.1 (L1) Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.3 (L1) Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.2 (L1) Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.12 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.8.21.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.37.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.25.3 (L1) Ensure 'Default Protections for Internet Explorer' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.27.1.2 (L1) Ensure 'Application: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.2.2 (L1) Ensure 'Security: Specify the maximum log file size (KB)' is set to 'Enabled: 196,608 or greater'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.9.65.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.67.2 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.102.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.56.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
CNTR-R2-000140 - The Kubernetes API server must have the insecure bind address not set.	DISA Rancher Government Solutions RKE2 STIG v2r3	Unix	ACCESS CONTROL
JBOS-AS-000080 - The JBoss server must generate log records for access and authentication events to the management interface.	DISA JBoss EAP 6.3 STIG v2r6	Unix	AUDIT AND ACCOUNTABILITY

Detections

Analytics

Item Search