Item Search

Name	Audit Name	Plugin	Category
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.11 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.12 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.32 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.37 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.1.1 (L1) Ensure 'Accounts: Administrator account status' is set to 'Disabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.2 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.11.1 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.11.6 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.8 (L1) Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.1 (L1) Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.9 (L1) Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.7.2 (L1) Ensure 'Audit Authentication Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.3.2 (L1) Ensure 'Configure SMB v1 client' is set to 'Enabled: Bowser, MRxSmb20, NSI'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.3.3 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.7 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' is set to 'Enabled: 5 or fewer seconds'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.10.2 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.6.3 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.1 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.2 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.3 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.5 (L2) Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.6 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.7 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.9 (L2) Ensure 'Turn off the 'Order Prints' picture task' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.36.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.53.1.1 (L2) Ensure 'Enable Windows NTP Client' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.25.4 (L1) Ensure 'Default Protections for Popular Software' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.27.1.1 (L1) Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.1.2 (L1) Ensure 'Application: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.31.1 (L1) Ensure 'Turn off heap termination on corruption' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
18.9.65.3.3.1 (L2) Ensure 'Do not allow COM port redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.108.1.2 (L1) Ensure 'Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search