Item Search

Name	Audit Name	Plugin	Category
1.9 Ensure Days of non-use before lock-out is set to 30	CIS Check Point Firewall L1 v1.1.0	CheckPoint	ACCESS CONTROL
1.13 Ensure Allow access again after time is set to 300 or more seconds	CIS Check Point Firewall L1 v1.1.0	CheckPoint	ACCESS CONTROL
2.1.1 Ensure 'Login Banner' is set - message banner msgvalue	CIS Check Point Firewall L1 v1.1.0	CheckPoint	ACCESS CONTROL
2.1.1 Ensure 'Login Banner' is set - message banner on	CIS Check Point Firewall L1 v1.1.0	CheckPoint	ACCESS CONTROL
2.1.1 Ensure Firewall Is Enabled	CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
2.1.3 Ensure Core Dump is enabled	CIS Check Point Firewall L1 v1.1.0	CheckPoint	SYSTEM AND COMMUNICATIONS PROTECTION
2.1.5 Ensure unused interfaces are disabled	CIS Check Point Firewall L1 v1.1.0	CheckPoint	SYSTEM AND COMMUNICATIONS PROTECTION
2.1.6 Ensure DNS server is configured - tertiary	CIS Check Point Firewall L1 v1.1.0	CheckPoint	SYSTEM AND COMMUNICATIONS PROTECTION
2.1.10 Ensure DHCP is disabled	CIS Check Point Firewall L1 v1.1.0	CheckPoint	CONFIGURATION MANAGEMENT
2.2.2 Ensure SNMP version is set to v3-Only	CIS Check Point Firewall L1 v1.1.0	CheckPoint	CONFIGURATION MANAGEMENT
2.2.3 Ensure SNMP traps is enabled - coldStart	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.2.3 Ensure SNMP traps is enabled - configurationChange	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.2.3 Ensure SNMP traps is enabled - linkUpLinkDown	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.2.3 Ensure SNMP traps is enabled - lowDiskSpace	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.3.1 Ensure NTP is enabled and IP address is set for Primary and Secondary NTP server - ntp active	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
2.3.1 Ensure NTP is enabled and IP address is set for Primary and Secondary NTP server - ntp server secondary	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
3.2 Configure a Default Drop/Cleanup Rule	CIS Check Point Firewall L2 v1.1.0	CheckPoint	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.1.1 Ensure iptables packages are installed	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.4.3.1.1 Ensure iptables packages are installed	CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5 Ensure no Allow Rule with Any in Destination filed present in the Firewall Rules	CIS Check Point Firewall L2 v1.1.0	CheckPoint	CONFIGURATION MANAGEMENT
3.5.1.2 Ensure loopback traffic is configured - output	CIS Debian 9 Server L1 v1.0.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.2 Ensure IPv6 loopback traffic is configured	CIS Debian 8 Workstation L1 v2.0.2	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.5.2.2 Ensure IPv6 loopback traffic is configured	CIS Debian 9 Workstation L1 v1.0.1	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.5.3.1.1 Ensure iptables packages are installed	CIS Fedora 19 Family Linux Server L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.6.3.1.1 Ensure iptables packages are installed - iptables	CIS Debian Family Workstation L1 v1.0.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
3.10 Ensure Drop Out of State TCP Packets is enabled	CIS Check Point Firewall L2 v1.1.0	CheckPoint	SECURITY ASSESSMENT AND AUTHORIZATION
3.11 Ensure Drop Out of State ICMP Packets is enabled	CIS Check Point Firewall L2 v1.1.0	CheckPoint	SECURITY ASSESSMENT AND AUTHORIZATION
3.19 Ensure Automatic ARP Configuration NAT is enabled	CIS Check Point Firewall L2 v1.1.0	CheckPoint	CONFIGURATION MANAGEMENT
3.20 Ensure Logging is enabled for Track Options of Global Properties	CIS Check Point Firewall L1 v1.1.0	CheckPoint	AUDIT AND ACCOUNTABILITY
5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
7.2.3 Ensure that port groups are not configured to VLAN values reserved by upstream physical switches	CIS VMware ESXi 5.1 v1.0.1 Level 1	VMware
9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	AUDIT AND ACCOUNTABILITY
9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.6 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	AUDIT AND ACCOUNTABILITY
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.5 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
9.3.5 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	AUDIT AND ACCOUNTABILITY
9.3.6 Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	AUDIT AND ACCOUNTABILITY
9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
CISC-RT-000120 - The Cisco switch must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection.	DISA Cisco IOS XE Switch RTR STIG v3r2	Cisco	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000810 - The Juniper perimeter router must be configured to drop fragmented IPv6 packets where the first fragment does not include the entire IPv6 header chain.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
OL07-00-040520 - The Oracle Linux operating system must enable an application firewall, if available.	DISA Oracle Linux 7 STIG v3r2	Unix	CONFIGURATION MANAGEMENT
RHEL-07-040520 - The Red Hat Enterprise Linux operating system must enable an application firewall, if available.	DISA Red Hat Enterprise Linux 7 STIG v3r15	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search