Item Search

Name	Audit Name	Plugin	Category
1.2.1 (L1) Ensure 'Account lockout duration' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.5 (L1) Ensure 'Add workstations to domain' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.31 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.33 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.35 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.42 (L1) Ensure 'Profile single process' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.45 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.46 (L1) Ensure 'Shut down the system' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.1.5 (L1) Configure 'Accounts: Rename guest account'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.5.3 (L1) Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.5.4 (L1) Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.6.1 (L1) Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.3.10.6 (L1) Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.11.8 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.16.1 (L1) Ensure 'System settings: Optional subsystems' is set to 'Defined: (blank)'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.4 (L1) Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.4 (L1) Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.8 (L1) Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.9 (L1) Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.2.6 (L1) Ensure 'Audit User Account Management' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.2 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.9 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.8.1 (L1) Ensure 'Disallow Autoplay for non-volume devices' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	MEDIA PROTECTION
18.9.27.4.2 (L1) Ensure 'System: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.65.3.3.2 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.9.3 (L1) Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.65.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.102.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.108.1.1 (L1) Ensure 'Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search