Item Search

Name	Audit Name	Plugin	Category
1.1.1.1 Ensure mounting of cramfs filesystems is disabled	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.2.1 Ensure /tmp is a separate partition	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
1.1.2.2 Ensure nodev option set on /tmp partition	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.1.5 Ensure 'Allow personalized ads delivered by Apple' is set to 'Disabled'	MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned	MDM	CONFIGURATION MANAGEMENT
2.2.6 Ensure DNS Server is not installed	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.9 Ensure TFTP Server is not installed	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.10 Ensure a web server is not installed	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.12 Ensure Samba is not installed	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.18 Ensure nfs-utils is not installed or the nfs-server service is masked	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.20 Ensure rsync is not installed or the rsyncd service is masked	CIS CentOS Linux 8 Server L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.2.20 Ensure rsync is not installed or the rsyncd service is masked	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
2.3.10.5 (L1) Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker	Windows	CONFIGURATION MANAGEMENT
2.3.11.10 Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
2.3.17.8 Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
2.4 Ensure nonessential services are removed or masked	CIS CentOS Linux 8 Workstation L1 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.2 Ensure SCTP is disabled	CIS CentOS Linux 8 Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.4 Ensure RDS is disabled	CIS Amazon Linux 2023 Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.1.5 Ensure TIPC is disabled	CIS Amazon Linux 2023 Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
3.2.2 Ensure tipc kernel module is not available	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
4.2.8 Ensure sshd DisableForwarding is enabled	CIS Amazon Linux 2 v3.0.0 L2	Unix	CONFIGURATION MANAGEMENT
4.2.12 Ensure SSH X11 forwarding is disabled	CIS Amazon Linux 2023 Server L2 v1.0.0	Unix	CONFIGURATION MANAGEMENT
4.5.5 Ensure icmpaddressmask is disabled	CIS IBM AIX 7 v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT
4.7.1.2 Ensure the cmsd service is not available	CIS IBM AIX 7 v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT
4.7.1.3 Ensure dtlogin service is not available	CIS IBM AIX 7 v1.0.0 L1	Unix	CONFIGURATION MANAGEMENT
5.2.12 Ensure SSH X11 forwarding is disabled	CIS CentOS Linux 8 Server L2 v2.0.0	Unix	CONFIGURATION MANAGEMENT
18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
18.4.1 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.2 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled' - Enabled: Highest protection, source routing is completely disabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.3 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.4 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.4.4 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled' - Enabled	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.6.4.2 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.6.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.6.20.2 (L2) Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.8.1.1 (L2) Ensure 'Turn off notifications network usage' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.8.21.4 Ensure 'Continue experiences on this device' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.8.36.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.9.14.2 (L1) Ensure 'Turn off Microsoft consumer experiences' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.9.15.1 Ensure 'Do not display the password reveal button' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	CONFIGURATION MANAGEMENT
18.9.17.1 Ensure 'Allow Diagnostic Data' is set to 'Enabled: Send required diagnostic data' - Enabled: Send required diagnostic data	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.3 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.20.1.6 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.9.35.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.37.2 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.57.3.3.1 (L2) Ensure 'Do not allow COM port redirection' is set to 'Enabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
18.10.89.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search