Item Search

Name	Audit Name	Plugin	Category
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.3 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.4 Ensure 'Act as part of the operating system' is set to 'No One'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.8 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.9 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.10 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.16 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.17 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.22 Ensure 'Debug programs' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.39 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.47 Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.51 Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.1.5 Configure 'Accounts: Rename administrator account'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.2.1 Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.7.3 Ensure 'Interactive logon: Machine inactivity limit' is set to '900 or fewer second(s), but not 0'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.7.4 Configure 'Interactive logon: Message text for users attempting to log on'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.7.6 Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.12 Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.17.7 Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
9.2.7 Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.1 Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.9 Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.4.1 Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
18.5.3 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.5.4 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
18.6.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.9.5.1 Ensure 'Turn On Virtualization Based Security' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.33.6.4 Ensure 'Require a password when a computer wakes (plugged in)' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
18.9.36.2 Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' (MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.25.1.2 Ensure 'Application: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.10.58.3 Ensure 'Allow indexing of encrypted files' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.10.88.1.1 Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.88.1.3 Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.88.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.88.2.4 Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
20.26 Ensure 'Emergency accounts must be automatically removed or disabled after the crisis is resolved or within 72 hours' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
20.29 Ensure 'FTP servers are configured to prevent access to the system drive' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
20.35 Ensure 'Manually managed application account passwords be changed at least annually or when a system administrator with knowledge of the password leaves the organization' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
20.58 Ensure 'Shared user accounts do not exist' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION
20.61 Ensure 'Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
20.63 Ensure 'Temporary user accounts must be automatically removed or disabled after 72 hours' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
Allow Trusted Locations on the network - ms project	MSCT M365 Apps for enterprise 2312 v1.0.0	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search