Item Search

Name	Audit Name	Plugin	Category
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.6.4 Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	ACCESS CONTROL
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	AUDIT AND ACCOUNTABILITY
17.2.2 Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	AUDIT AND ACCOUNTABILITY
17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2019 v4.0.0 L1 DC	Windows	AUDIT AND ACCOUNTABILITY
17.2.6 Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	AUDIT AND ACCOUNTABILITY
17.2.6 Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	AUDIT AND ACCOUNTABILITY
18.2.1 Ensure LAPS AdmPwd GPO Extension / CSE is installed	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.4.1 Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.6.4.1 Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.6.4.1 Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.6.4.1 Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.6.4.2 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.6.4.2 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.6.4.2 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks'	CIS Microsoft Windows Server 2019 v4.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.56.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.56.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.57.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 1803 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 v1507 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 10 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 1903 DC v1.19.9	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 1903 MS v1.19.9	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server v1909 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2012 R2 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT MSCT Windows Server 2022 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2022 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server v20H2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
WN12-GE-000057 - Windows 2012 / 2012 R2 must automatically remove or disable emergency accounts after the crisis is resolved or within 72 hours.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL
WN12-UR-000021-MS - The Deny log on through Remote Desktop Services user right on member servers must be configured to prevent access from highly privileged domain accounts and all local accounts on domain systems, and from unauthenticated access on all systems.	DISA Windows Server 2012 and 2012 R2 MS STIG v3r7	Windows	ACCESS CONTROL

Detections

Analytics

Item Search