Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.5 Ensure 'Minimum password length' is set to '14 or more character(s)'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.14 Ensure 'Create a token object' is set to 'No One'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.15 Ensure 'Create a pagefile' is set to 'Administrators'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.19 Ensure 'Debug programs' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.22 Ensure 'Debug programs' is set to 'Administrators'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.26 Ensure 'Deny log on as a batch job' to include 'Guests'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.35 Ensure 'Force shutdown from a remote system' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.37 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.40 Ensure 'Increase scheduling priority' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.41 Ensure 'Load and unload device drivers' is set to 'Administrators'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.42 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.42 Ensure 'Lock pages in memory' is set to 'No One'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.1.4 Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.1.5 Configure 'Accounts: Rename administrator account'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.6.5 Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

2.3.10.1 Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.10.7 Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.11.4 Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.8 Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higherCIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.10 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User must enter a password each time they use a key'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.17.4 Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.17.5 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

9.1.1 Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.9 Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

17.9.5 Ensure 'Audit System Integrity' is set to 'Success and Failure'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

18.5.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.5.6 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.9.13.2 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: any, but ALL' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.28.2 Ensure 'Do not display network selection UI' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

18.10.7.1 Ensure 'Disallow Autoplay for non-volume devices' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

MEDIA PROTECTION

18.10.7.3 Ensure 'Turn off Autoplay' is set to 'Enabled: All drives'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

MEDIA PROTECTION

18.10.28.3 Ensure 'Turn off heap termination on corruption' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.10.28.4 Ensure 'Turn off shell protocol protected mode' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

18.10.86.1 Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

19.7.5.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.39 Ensure 'Off-load of audit records of interconnected systems in real time and off-load standalone systems weekly' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.44 Ensure 'Orphaned security identifiers (SIDs) must be removed from user rights' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.47 Ensure 'Permissions for program file directories must conform to minimum requirements' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.55 Ensure 'Protection methods such as TLS, encrypted VPN's, or IPsec must be implemented if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process' (STIG oCIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.63 Ensure 'Temporary user accounts must be automatically removed or disabled after 72 hours' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.65 Ensure 'The system must have the Roles and Features required for it documented' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.70 Ensure 'Users with Administrative privileges have separate accounts for administrative duties and normal operational tasks' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL