Item Search

Name	Audit Name	Plugin	Category
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.11 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.22 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.7.3 (L1) Configure 'Interactive logon: Message text for users attempting to log on'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.3.10.6 (L1) Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.11.1 (L1) Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.8 (L1) Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
5.1 (L1) Ensure 'Print Spooler (Spooler)' is set to 'Disabled' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
9.1.4 (L1) Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.5 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.3 (L1) Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.7 (L1) Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.9 (L1) Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.1.2 (L1) Ensure 'Audit Kerberos Authentication Service' is set to 'Success and Failure' (DC Only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.2.4 (L1) Ensure 'Audit Other Account Management Events' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.3 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.3.3 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.7 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.21.3 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.3 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.6 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.34.6.1 (L1) Ensure 'Require a password when a computer wakes (on battery)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.34.6.2 (L1) Ensure 'Require a password when a computer wakes (plugged in)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.102.1.3 (L1) Ensure 'Disallow Digest authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
19.1.3.4 (L1) Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
19.7.28.1 (L1) Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, MEDIA PROTECTION

Detections

Analytics

Item Search