Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.11 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.22 (L1) Ensure 'Deny log on as a service' to include 'Guests'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

2.3.10.6 (L1) Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.11.1 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.17.8 (L1) Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

17.1.2 (L1) Ensure 'Audit Kerberos Authentication Service' is set to 'Success and Failure' (DC Only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.2.4 (L1) Ensure 'Audit Other Account Management Events' is set to include 'Success' (DC only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.3.3 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.21.3 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.34.6.1 (L1) Ensure 'Require a password when a computer wakes (on battery)' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.8.34.6.2 (L1) Ensure 'Require a password when a computer wakes (plugged in)' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.11.1.3 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.11.3.3 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.25.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.102.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.5 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higherCIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.5 (L1) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higherCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.9 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.9 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.10.9.3.4 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

MEDIA PROTECTION

18.10.9.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.9.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

MEDIA PROTECTION

18.10.10.1.4 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.5 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higherCIS Microsoft Windows 11 Stand-alone v4.0.0 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.9 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.9 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

MEDIA PROTECTION

19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

19.1.3.4 (L1) Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL

19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

19.7.28.1 (L1) Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, MEDIA PROTECTION

CIS_Red_Hat_EL8_Workstation_L2_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0CIS Red Hat EL8 Workstation L2 v3.0.0Unix