Item Search

Name	Audit Name	Plugin	Category
1.3.2 Disable TCP and UDP small servers	CIS Cisco IOS XR 7.x v1.0.1 L1	Cisco	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
1.6.2 Configure a Time Zone	CIS Cisco NX-OS v1.2.0 L1	Cisco	AUDIT AND ACCOUNTABILITY
2.2.39 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.2.44 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled' (STIG only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.8 Ensure Plugin Directory Has Appropriate Permissions	CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on Linux	Unix	ACCESS CONTROL, MEDIA PROTECTION
5.5.1.8 Ensure password expiration is 60 Day maximum for existing passwords	CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG	Unix	IDENTIFICATION AND AUTHENTICATION
6.1.5 Ensure 'BECOME USER' Is Revoked From Unauthorized 'GRANTEE'	CIS Oracle Database 23ai v1.0.0 L1 RDBMS	OracleDB	ACCESS CONTROL, MEDIA PROTECTION
7.7 Ensure Virtual Disributed Switch Netflow traffic is sent to an authorized collector	CIS VMware ESXi 6.7 v1.3.0 Level 1	VMware	SYSTEM AND INFORMATION INTEGRITY
20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
20.41 Ensure 'Only administrators responsible for the Domain Controller to have Administrator rights on the system' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.41 Ensure 'Only administrators responsible for the Domain Controller to have Administrator rights on the system' (STIG DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
20.41 Ensure 'Only administrators responsible for the Domain Controller to have Administrator rights on the system' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
ARST-RT-000800 - The Arista perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces.	DISA STIG Arista MLS EOS 4.2x Router v2r1	Arista	CONFIGURATION MANAGEMENT
DG0074-ORACLE11 - Unapproved inactive or expired database accounts should not be found on the database.	DISA STIG Oracle 11 Instance v9r1 Database	OracleDB
ESXI5-VMNET-000015 - The system must ensure the dvPortGroup MAC Address Change policy is set to reject.	DISA STIG VMWare ESXi Server 5 STIG v2r1	VMware	CONFIGURATION MANAGEMENT
JUEX-RT-000400 - The Juniper perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUNI-RT-000270 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes - filter	DISA STIG Juniper Router RTR v3r2	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUNI-RT-000320 - The Juniper perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1.	DISA STIG Juniper Router RTR v3r2	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUNI-RT-000381 - The Juniper perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces.	DISA STIG Juniper Router RTR v3r2	Juniper	CONFIGURATION MANAGEMENT
OL08-00-010422 - OL 8 must disable virtual syscalls.	DISA Oracle Linux 8 STIG v2r4	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
RHEL-09-431025 - RHEL 9 must have policycoreutils package installed.	DISA Red Hat Enterprise Linux 9 STIG v2r4	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
VCSA-70-000269 - The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to 'Reject'.	DISA STIG VMware vSphere 7.0 vCenter v1r3	VMware	CONFIGURATION MANAGEMENT
VCSA-80-000302 - The vCenter Server must reset port configuration when virtual machines are disconnected.	DISA VMware vSphere 8.0 vCenter STIG v2r2	VMware	CONFIGURATION MANAGEMENT
VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - sts-runtime	DISA STIG VMware vSphere 6.7 STS Tomcat v1r3	Unix	AUDIT AND ACCOUNTABILITY
VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - vmidentity	DISA STIG VMware vSphere 6.7 STS Tomcat v1r3	Unix	AUDIT AND ACCOUNTABILITY
VCUI-67-000027 - vSphere UI log files must be moved to a permanent repository in accordance with site policy - access	DISA STIG VMware vSphere 6.7 UI Tomcat v1r3	Unix	AUDIT AND ACCOUNTABILITY
WBLC-05-000150 - Oracle WebLogic must uniquely identify and authenticate users (or processes acting on behalf of users).	Oracle WebLogic Server 12c Linux v2r2	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission.	Oracle WebLogic Server 12c Linux v2r2 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission.	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WBLC-05-000174 - Oracle WebLogic must map the PKI-based authentication identity to the user account.	Oracle WebLogic Server 12c Windows v2r2	Windows	IDENTIFICATION AND AUTHENTICATION
WN10-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client.	DISA Microsoft Windows 10 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN10-UR-000085 - The Deny log on locally user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems.	DISA Microsoft Windows 10 STIG v3r4	Windows	ACCESS CONTROL
WN11-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client.	DISA Microsoft Windows 11 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN11-CC-000025 - The system must be configured to prevent IP source routing.	DISA Microsoft Windows 11 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.	DISA Microsoft Windows 11 STIG v2r4	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN11-CC-000038 - WDigest Authentication must be disabled.	DISA Microsoft Windows 11 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN11-UR-000085 - The 'Deny log on locally' user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems.	DISA Microsoft Windows 11 STIG v2r4	Windows	ACCESS CONTROL
WN16-00-000412 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	CONFIGURATION MANAGEMENT
WN16-CC-000040 - Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	CONFIGURATION MANAGEMENT
WN16-CC-000050 - Source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing.	DISA Microsoft Windows Server 2016 STIG v2r10	Windows	CONFIGURATION MANAGEMENT
WN19-00-000400 - Windows Server 2019 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN19-CC-000030 - Windows Server 2019 Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN19-CC-000040 - Windows Server 2019 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing.	DISA Microsoft Windows Server 2019 STIG v3r4	Windows	CONFIGURATION MANAGEMENT
WN22-00-000400 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-CC-000030 - Windows Server 2022 Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT
WN22-CC-000040 - Windows Server 2022 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing.	DISA Microsoft Windows Server 2022 STIG v2r4	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search