Item Search

Name	Audit Name	Plugin	Category
2.2.43 (L1) Ensure 'Shut down the system' is set to 'Administrators, Backup Operators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.46 (L1) Ensure 'Shut down the system' is set to 'Administrators'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.46 (L1) Ensure 'Shut down the system' is set to 'Administrators'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.58 Ensure 'Shut down the system' is set to 'Administrators'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.2.59 Ensure 'Shut down the system' is set to 'Administrators'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	SECURITY ASSESSMENT AND AUTHORIZATION
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.1 Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.13 Ensure membership in admin roles in MSDB database is limited	CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine	MS_SQLDB	ACCESS CONTROL
7.13 Ensure AES 256/256 Cipher Suite is enabled - Key not found	CIS IIS 7 L1 v1.8.0	Windows
8.2 Review Role Members	CIS IBM DB2 v10 v1.1.0 Database Level 1	IBM_DB2DB
8.2 Review Role Members	CIS IBM DB2 v10 v1.1.0 Database Level 2	IBM_DB2DB
18.6.4.2 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS	Windows	SYSTEM AND INFORMATION INTEGRITY
18.7.10 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.11.1.8 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Configure storage of BitLocker recovery information to AD DS' is set to 'Enabled: Backup recovery passwords and key packages'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.1.16 (BL) Ensure 'Configure use of smart cards on fixed data drives: Require use of smart cards on fixed data drives' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.10 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for operating system drives' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL, CONTINGENCY PLANNING
18.9.11.3.8 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Backup recovery passwords and key packages'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.8 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Backup recovery passwords and key packages'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.16 (BL) Ensure 'Configure use of smart cards on removable data drives: Require use of smart cards on removable data drives' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.17.1 Ensure 'Enable App Installer' is set to 'Disabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.10.17.4 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'	CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'	CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'	CIS Microsoft Windows Server 2019 v4.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.18.2 (L1) Ensure 'Enable App Installer Experimental Features' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.2 (L1) Ensure 'Enable App Installer Experimental Features' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.18.2 (L1) Ensure 'Enable App Installer Experimental Features' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	CONFIGURATION MANAGEMENT
18.10.18.2 (L1) Ensure 'Enable App Installer Experimental Features' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL	Windows	CONFIGURATION MANAGEMENT
18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	CONFIGURATION MANAGEMENT
18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1	Windows	CONFIGURATION MANAGEMENT
18.10.56.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2016 v3.0.0 L2 DC	Windows	ACCESS CONTROL
18.10.56.3.10.1 Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC	Windows	ACCESS CONTROL
18.10.56.3.10.1 Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS	Windows	ACCESS CONTROL
18.10.57.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2025 v1.0.0 L2 DC	Windows	ACCESS CONTROL
19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	ACCESS CONTROL
CNTR-R2-001620 - Rancher RKE2 registry must contain the latest images with most recent updates and execute within Rancher RKE2 runtime as authorized by IAVM, CTOs, DTMs, and STIGs.	DISA Rancher Government Solutions RKE2 STIG v2r3	Unix	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search