Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.16 (L1) Ensure 'Create permanent shared objects' is set to 'No One'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.23 (L1) Ensure 'Deny log on as a service' to include 'Guests'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.33 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.35 (L1) Ensure 'Lock pages in memory' is set to 'No One'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.4.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' is set to 'Enabled: 5 or fewer seconds'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.5.10.2 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

18.8.22.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.36.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

MEDIA PROTECTION

18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.25.3 (L1) Ensure 'Default Protections for Internet Explorer' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.25.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.25.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.27.2.2 (L1) Ensure 'Security: Specify the maximum log file size (KB)' is set to 'Enabled: 196,608 or greater'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.9.27.4.1 (L1) Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.9.47.15 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.58.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.65.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.65.3.3.3 (L2) Ensure 'Do not allow LPT port redirection' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.65.3.3.4 (L2) Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.65.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.65.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.86.2.1 (L1) Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.102.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.102.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

CISC-ND-001150 - The Cisco router must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based.DISA Cisco IOS XE Router NDM STIG v3r4Cisco

IDENTIFICATION AND AUTHENTICATION

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 88DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 103DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 104DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 109DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 170DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 171DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 177DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

WN19-SO-000060 - Windows Server 2019 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled.DISA Microsoft Windows Server 2019 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION