Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3 Ensure 'Cross DB Ownership Chaining' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.8 Ensure 'Scan for Startup Procs' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

CONFIGURATION MANAGEMENT

2.9 Ensure 'SQL Mail XPs' Server Configuration Option is set to '0'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'TCP/IP protocol is disabled'CIS SQL Server 2008 R2 DB OS L1 v1.7.0Windows

SYSTEM AND INFORMATION INTEGRITY

2.14 Ensure 'sa' Login Account is set to 'Disabled'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.7 Ensure only the default permissions specified by Microsoft are granted to the public server roleCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.8 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.9 Ensure Windows local groups are not SQL LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

3.10 Ensure the public role in the msdb database is not granted access to SQL Agent proxiesCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

5.3 Ensure 'Login Auditing' is set to Both 'failed' and 'successful logins'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

ACCESS CONTROL

18.8.22.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

SECURITY ASSESSMENT AND AUTHORIZATION

19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL

19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL

Network security: Force logoff when logon hours expireMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - DATABASE_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - DATABASE_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 42DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 43DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 82DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 83DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 85DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 87DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 88DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 91DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 104DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 105DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 111DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 162DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 170DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 171DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 172DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - SCHEMA_OBJECT_ACCESS_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - SERVER_ROLE_MEMBER_CHANGE_GROUPDISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

AUDIT AND ACCOUNTABILITY

WN10-SO-000060 - The system must be configured to require a strong session key.DISA Microsoft Windows 10 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN11-SO-000060 - The system must be configured to require a strong session key.DISA Microsoft Windows 11 STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-00-000190 - Orphaned security identifiers (SIDs) must be removed from user rights on Windows 2012 / 2012 R2.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-00-000190 - Orphaned security identifiers (SIDs) must be removed from user rights on Windows 2012 / 2012 R2.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000138 - The display of slide shows on the lock screen must be disabled (Windows 2012 R2).DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000138 - The display of slide shows on the lock screen must be disabled (Windows 2012 R2).DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-GE-000056 - Windows 2012 / 2012 R2 must automatically remove or disable temporary user accounts after 72 hours.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

ACCESS CONTROL

WN12-GE-000056 - Windows 2012 / 2012 R2 must automatically remove or disable temporary user accounts after 72 hours.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

ACCESS CONTROL

WN12-SO-000017 - The system must be configured to require a strong session key.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000017 - The system must be configured to require a strong session key.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN19-SO-000110 - Windows Server 2019 must be configured to require a strong session key.DISA Microsoft Windows Server 2019 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION