Item Search

Name	Audit Name	Plugin	Category
4.11.7.2.9 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Intune for Windows 11 v4.0.0 BL	Windows	ACCESS CONTROL
4.11.7.2.9 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Intune for Windows 10 v4.0.0 BL	Windows	ACCESS CONTROL
4.11.7.2.10 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive)' is set to 'Enabled: False'	CIS Microsoft Intune for Windows 10 v4.0.0 BL	Windows	ACCESS CONTROL
4.11.7.2.11 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM'	CIS Microsoft Intune for Windows 11 v4.0.0 BL	Windows	ACCESS CONTROL
4.11.7.2.12 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM'	CIS Microsoft Intune for Windows 10 v4.0.0 BL	Windows	ACCESS CONTROL
4.11.7.2.12 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup PIN:' is set to 'Enabled: Require startup PIN with TPM'	CIS Microsoft Intune for Windows 11 v4.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION
4.11.7.2.14 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'	CIS Microsoft Intune for Windows 10 v4.0.0 BL	Windows	ACCESS CONTROL
18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.9.1.1 (L1) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.2.12 (BL) Ensure 'Configure use of passwords for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.2.12 (BL) Ensure 'Configure use of passwords for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.2.12 (BL) Ensure 'Configure use of passwords for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.9.2.13 (L1) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG	Windows	ACCESS CONTROL
18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.2.14 (L1) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	ACCESS CONTROL
18.10.9.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.9.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.9.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	ACCESS CONTROL
18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.9.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	ACCESS CONTROL
18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.10.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL
18.10.10.2.8 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.9 (BL) Ensure 'Configure use of passwords for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.10.10.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.11 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	ACCESS CONTROL
18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.3.7 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL
18.10.10.3.8 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 BL	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search