Item Search

NameAudit NamePluginCategory
1.1.3 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

1.1.3 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

IDENTIFICATION AND AUTHENTICATION

1.1.3 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

IDENTIFICATION AND AUTHENTICATION

1.1.5.1 Ensure calendar and contacts integration is set to disabledCIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.2.1.4 Ensure 'Bind to Object' is set to Enabled - excel.exeCIS Microsoft Office 2016 v1.1.0Windows

CONFIGURATION MANAGEMENT

1.2.1.4 Ensure 'Bind to Object' is set to Enabled - mse7.exeCIS Microsoft Office 2016 v1.1.0Windows

CONFIGURATION MANAGEMENT

1.2.1.4 Ensure 'Bind to Object' is set to Enabled - spDesign.exeCIS Microsoft Office 2016 v1.1.0Windows

CONFIGURATION MANAGEMENT

1.2.5.1.4 (L1) Ensure 'Disable user name and password' is set to 'Enabled'CIS Microsoft Intune for Office v1.1.0 L1Windows

CONFIGURATION MANAGEMENT

2.3.17.2 Ensure 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' is set to 'Disabled' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.3.27.10 (L1) Ensure 'Disable all Trust Bar notifications for security issues' is set to 'Disabled'CIS Microsoft Intune for Office v1.1.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.3.27.12 Ensure 'Encryption mode for Information Rights Management (IRM)' is set to 'Enabled: Cipher Block Chaining (CBC)'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND SERVICES ACQUISITION

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

5.1 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Not Installed' (STIG only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.5 Ensure 'Active Directory Domain object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.8 Ensure 'Active Directory Infrastructure object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systemsCIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.23 Ensure 'Domain controllers have a PKI server certificate' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systemsCIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systemsCIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

SYSTEM AND COMMUNICATIONS PROTECTION

DG0175-ORACLE11 - The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements.DISA STIG Oracle 11 Installation v9r1 WindowsWindows
DTOO126 - Add-on Management functionality must be allowed.DISA STIG Microsoft Sharepoint Designer 2013 v1r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO126 - Add-on Management functionality must be allowed.DISA STIG Microsoft OneNote 2013 v1r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO132 - File Downloads must be configured for proper restrictions in PowerPoint.DISA STIG Microsoft PowerPoint 2013 v1r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO132 - File Downloads must be configured for proper restrictions.DISA STIG Microsoft Outlook 2013 v1r14Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO132 - File Downloads must be configured for proper restrictions.DISA STIG Microsoft Publisher 2013 v1r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO132 - File downloads must be configured for proper restrictions.DISA STIG Microsoft Excel 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO132 - File Downloads must be configured for proper restrictions.DISA STIG Microsoft OneNote 2013 v1r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO209 - Protection from zone elevation must be enforced in PowerPoint.DISA STIG Microsoft PowerPoint 2013 v1r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO209 - Protection from zone elevation must be enforced.DISA STIG Microsoft Visio 2013 v1r5Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO209 - Protection from zone elevation must be enforced.DISA STIG Microsoft Excel 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO209 - Protection from zone elevation must be enforced.DISA STIG Microsoft Outlook 2013 v1r14Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO211 - ActiveX Installs must be configured for proper restriction.DISA STIG Microsoft Excel 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO211 - ActiveX installs must be configured for proper restrictions.DISA STIG Microsoft Sharepoint Designer 2013 v1r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO292 - Document behavior if file validation fails must be set - DisableEditFromPVDISA STIG Microsoft Excel 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO292 - Document behavior if file validation fails must be set - OpenInProtectedViewDISA STIG Microsoft Excel 2013 v1r8Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DTOO508 - File Downloads must be configured for proper restrictions in PowerPoint Viewer.DISA STIG Microsoft PowerPoint 2013 v1r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MD3X-00-001100 - MongoDB must be configured in accordance with the security configuration settings based on DoD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

CONFIGURATION MANAGEMENT

PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - PIV credentialsDISA STIG Palo Alto NDM v3r3Palo_Alto

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

TCAT-AS-000700 - DOD root CA certificates must be installed in Tomcat trust store.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-001640 - Application servers must use NIST-approved or NSA-approved key management technology and processes.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication.DISA Microsoft Windows 10 STIG v3r4Windows

MAINTENANCE

WN11-CC-000345 - The Windows Remote Management (WinRM) service must not use Basic authentication.DISA Microsoft Windows 11 STIG v2r3Windows

MAINTENANCE

WN16-MS-000010 - Only administrators responsible for the member server or standalone or nondomain-joined system must have Administrator rights on the system.DISA Microsoft Windows Server 2016 STIG v2r10Windows

ACCESS CONTROL

WN19-MS-000010 - Windows Server 2019 must only allow Administrators responsible for the member server or standalone or nondomain-joined system to have Administrator rights on the system.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL

WN22-MS-000010 - Windows Server 2022 must only allow administrators responsible for the member server or standalone or nondomain-joined system to have Administrator rights on the system.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL