Item Search

Name	Audit Name	Plugin	Category
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.5 Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.15 Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.37 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.40 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.49 Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.52 Ensure 'Modify firmware environment values' is set to 'Administrators'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.5.5 Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.2 Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.5 Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.2 Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.11.9 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.17.5 Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.17.6 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.17.10 Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.1 (L1) Ensure 'Windows Firewall: Private: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.5 Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.9 Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.9.1 Ensure 'Audit IPsec Driver' is set to 'Success and Failure'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
18.5.6 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.6.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.20.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.6 Ensure 'Turn off printing over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.10.56.2.2 Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.10.56.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.80.2 Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
18.10.86.1 Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
20.33 Ensure 'Local volumes must use a format that supports NTFS attributes'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
20.35 Ensure 'Manually managed application account passwords be changed at least annually or when a system administrator with knowledge of the password leaves the organization'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
20.38 Ensure 'Non-system-created file shares must limit access to groups that require it'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, MEDIA PROTECTION
20.60 Ensure 'System files must be monitored for unauthorized changes'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
20.60 Ensure 'System files must be monitored for unauthorized changes'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	CONFIGURATION MANAGEMENT
20.67 Ensure 'The system uses an anti-virus program'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
EPAS-00-002300 - The EDB Postgres Advanced Server must, by default, shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure.	EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1	Unix	AUDIT AND ACCOUNTABILITY
Network security: Do not store LAN Manager hash value on next password change	MSCT Windows 11 v24H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search