Detections
Analytics

Item Search

NameAudit NamePluginCategory
9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.1 (L1) Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.4.1 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.4.2 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.4.2 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

18.5.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

18.5.7 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.6.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.7 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.8 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.20.1.12 (L2) Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.33.6.2 (L2) Ensure 'Allow network connectivity during connected-standby (plugged in)' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.11.1 (L2) Ensure 'Allow Use of Camera' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.41.1 (L2) Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.43.11.1.1.1 (L2) Ensure 'Configure Brute-Force Protection aggressiveness' is set to 'Enabled: Medium' or higherCIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.57.3.3.4 (L2) Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.59.2 (L2) Ensure 'Allow Cloud Search' is set to 'Enabled: Disable Cloud Search'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.10.89.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

19.7.8.3 (L2) Ensure 'Do not use diagnostic data for tailored experiences' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

19.7.46.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

Access this computer from the networkMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Allow Basic authentication - Client - AllowBasicMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Allow Basic authentication - Service - AllowBasicMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Allow cut, copy or paste operations from the clipboard via script - Internet ZoneMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Allow log on locallyMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Allow only approved domains to use ActiveX controls without prompt - Internet ZoneMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow script-initiated windows without size or position constraints - Internet ZoneMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Allow updates to status bar via script - Restricted Sites ZoneMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Audit Credential ValidationMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Directory Service ChangesMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Kerberos Authentication ServiceMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Removable StorageMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit Security System ExtensionMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Audit User Account ManagementMSCT Windows Server 1903 DC v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Configure Attack Surface Reduction rules - 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2MSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND INFORMATION INTEGRITY

Configure Attack Surface Reduction rules - be9ba2d9-53ea-4cdc-84e5-9b1eeee46550MSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND INFORMATION INTEGRITY

Configure registry policy processing - NoGPOListChangesMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 client driverMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Disallow Digest authenticationMSCT Windows Server 1903 DC v1.19.9Windows

ACCESS CONTROL

Don't run antimalware programs against ActiveX controls - Restricted Sites ZoneMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Don't run antimalware programs against ActiveX controls - Trusted Sites ZoneMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Download unsigned ActiveX controls - Restricted Sites ZoneMSCT Windows Server 1903 DC v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Hardened UNC Paths - \\*\NETLOGONMSCT Windows Server 1903 DC v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION