Item Search

Name	Audit Name	Plugin	Category
1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
1.2.2 (L1) Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.13 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.43 (L1) Ensure 'Shut down the system' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.45 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.6.1 (L1) Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.5 (L1) Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.2 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.7 (L1) Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
5.2 (L2) Ensure 'Print Spooler (Spooler)' is set to 'Disabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
9.1.8 (L1) Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.3 (L1) Ensure 'Windows Firewall: Private: Outbound connections' is set to 'Allow (default)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.7 (L1) Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.5 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local firewall rules' is set to 'No'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.7.1 (L1) Ensure 'Audit Audit Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.9.5 (L1) Ensure 'Audit System Integrity' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.4.8 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' is set to 'Enabled: 5 or fewer seconds'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.5.4.2 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.11.1 (L1) Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.12 (L2) Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.34.6.2 (L1) Ensure 'Require a password when a computer wakes (plugged in)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.53.1.1 (L2) Ensure 'Enable Windows NTP Client' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.8.53.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.25.8 (L1) Ensure 'System SEHOP' is set to 'Enabled: Application Opt-Out'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.47.4.1 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.67.2 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.90.3 (L2) Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.100.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.102.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.102.2.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.1.3.2 (L1) Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.1.3.3 (L1) Ensure 'Password protect the screen saver' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.7.28.1 (L1) Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, MEDIA PROTECTION
19.7.47.2.1 (L2) Ensure 'Prevent Codec Download' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search