Item Search

Name	Audit Name	Plugin	Category
1.1.4 Ensure 'Minimum password age' is set to '1 or more day(s)'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
1.1.6 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.10 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.10 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.11 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.47 Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.48 Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.53 Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.55 Ensure 'Profile single process' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.58 Ensure 'Restore files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.1.4 Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.5.5 Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.6.2 Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.17.4 Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.17.9 Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONFIGURATION MANAGEMENT
5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
9.1.7 Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.7 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.4 Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.3.1 Ensure 'Audit PNP Activity' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.9.1 Ensure 'Audit IPsec Driver' is set to 'Success and Failure'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.9.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot' or higher	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.33.6.4 Ensure 'Require a password when a computer wakes (plugged in)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
18.9.102.3 Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.10.14.2 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
18.10.25.1.2 Ensure 'Application: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
18.10.56.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L2	Windows	CONFIGURATION MANAGEMENT
18.10.88.2.1 Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
19.7.42.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
20.17 Ensure 'Deny-all, permit-by-exception policy to allow the execution of authorized software programs' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
20.29 Ensure 'FTP servers are configured to prevent access to the system drive' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	ACCESS CONTROL
20.36 Ensure 'Members of the Backup Operators group have separate accounts for backup duties and normal operational tasks' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
20.61 Ensure 'Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
Network access: Remotely accessible registry paths and subpaths	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	ACCESS CONTROL

Detections

Analytics

Item Search