| 3.125 - Audit policy using subcategories is enabled. | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.16 (L1) Ensure 'Detailed Tracking Audit PNP Activity' is set to include 'Success' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 (L1) Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.3.1 Ensure 'Audit PNP Activity' is set to include 'Success' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Account Lockout | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Audit Policy Change | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Audit Policy Change | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Audit Policy Change | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Credential Validation | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Group Membership | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit IPSec Driver | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit IPSec Driver | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit IPSec Driver | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logoff | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logoff | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logoff | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other System Events | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security System Extension | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security System Extension | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Special Logon | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Special Logon | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit System Integrity | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000431 - SharePoint must protect audit information from unauthorized access to the trace data log files. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000435 - SharePoint must protect audit information from unauthorized modification of usage and health data collection logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000436 - SharePoint must protect audit information from unauthorized modification to trace data logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000440 - SharePoint must protect audit information from unauthorized deletion of usage and health logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000441 - SharePoint must protect audit information from unauthorized deletion of trace log files. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000045 - The system must be configured to audit Detailed Tracking - PNP Activity successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| WN10-AU-000100 - The system must be configured to audit Policy Change - Audit Policy Change successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-SO-000030 - Audit policy using subcategories must be enabled. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000045 - The system must be configured to audit Detailed Tracking - PNP Activity successes. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| WN11-SO-000030 - Audit policy using subcategories must be enabled. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000085 - The system must be configured to audit Policy Change - Audit Policy Change successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-AU-000106 - Windows Server 2012/2012 R2 must be configured to audit System - Other System Events failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-SO-000008 - Auditing of Backup and Restore Privileges must be turned off. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000009 - Audit policy using subcategories must be enabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN12-SO-000009 - Audit policy using subcategories must be enabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-SO-000050 - Audit policy using subcategories must be enabled. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | AUDIT AND ACCOUNTABILITY |
| WN19-AU-000350 - Windows Server 2019 must be configured to audit System - Other System Events failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-SO-000050 - Windows Server 2019 must force audit policy subcategory settings to override audit policy category settings. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-SO-000050 - Windows Server 2022 must force audit policy subcategory settings to override audit policy category settings. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
