Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1 (L1) Host hardware must have auditable, authentic, and up to date system & device firmwareCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

SYSTEM AND SERVICES ACQUISITION

1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

1.6 (L1) Host integrated hardware management controller must enable time synchronizationCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, MAINTENANCE

2.3 (L1) Host must enable Secure Boot enforcementCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.5 (L1) Host must only run binaries delivered via signed VIBCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

3.1 (L1) Host should deactivate SSHCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

3.4 (L1) Host must deactivate SLPCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

3.18 (L1) Host must have an accurate DCUI.Access listCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.19 (L1) Host must have an accurate Exception Users listCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, MEDIA PROTECTION

3.20 (L1) Host must enable normal lockdown modeCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL

4.2 (L1) Host must transmit system logs to a remote log collectorCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

4.8 (L1) Host must store one week of audit recordsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

4.10 (L1) Host must verify certificates for TLS remote logging endpointsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

5.11 (L1) Host must isolate management communicationsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY

6.1.1 (L1) Host CIM services, if enabled, must limit accessCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

6.3.1 (L1) Host iSCSI client, if enabled, must employ bidirectional/mutual CHAP authenticationCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

7.5 (L1) Virtual machines must be configured to lock when the last console connection is closedCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

7.6 (L1) Virtual machines must limit console sharing.CIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

7.9 (L1) Virtual machines must prevent unauthorized connection of devicesCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

7.10 (L1) Virtual machines must remove unnecessary audio devicesCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

7.12 (L1) Virtual machines must remove unnecessary USB/XHCI devicesCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

7.19 (L1) Virtual machines must deactivate console paste operationsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

7.25 (L1) Virtual machines must enable diagnostic loggingCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

7.27 (L1) Virtual machines must limit the size of diagnostic logsCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

AUDIT AND ACCOUNTABILITY

8.2 (L1) VMware Tools must have all software updates installedCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

8.10 (L1) VMware Tools must deactivate Guest Store Upgrade operations unless requiredCIS VMware ESXi 8.0 v1.2.0 L1 VMwareVMware

CONFIGURATION MANAGEMENT

17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.2.4 (L1) Ensure 'Audit Other Account Management Events' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.2.6 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.6.1 (L1) Ensure 'Audit File Share' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION

17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.1 (L1) Ensure 'Audit IPsec Driver' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.3.8 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.12 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

18.6.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.6.2 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.6.3 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

ACCESS CONTROL

18.8.21.1 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.22.1.1 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT