Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1 (L1) Ensure 'Enforce password history' is set to '24 or more password(s)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL

2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.36 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.40 (L1) Ensure 'Profile single process' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.42 (L1) Ensure 'Restore files and directories' is set to 'Administrators'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.1.1 (L1) Ensure 'Accounts: Administrator account status' is set to 'Disabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION

2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.8.3 (L1) Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.9.1 (L1) Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.10.3 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.3.11.5 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higherCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

9.3.1 (L1) Ensure 'Windows Firewall: Public: Firewall state' is set to 'On (recommended)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

9.3.9 (L1) Ensure 'Windows Firewall: Public: Logging: Log dropped packets' is set to 'Yes'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION

17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.5.3 (L1) Ensure 'Audit Logon' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.2.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.4.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.5.10.2 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.5.20.1 (L2) Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.6.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.6.2 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.8.22.1.6 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.36.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.48.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.25.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.25.6 (L1) Ensure 'System ASLR' is set to 'Enabled: Application Opt-In'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

SYSTEM AND INFORMATION INTEGRITY

18.9.27.1.1 (L1) Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

AUDIT AND ACCOUNTABILITY

18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

AUDIT AND ACCOUNTABILITY

18.9.65.3.3.2 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.65.3.3.3 (L2) Ensure 'Do not allow LPT port redirection' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.65.3.3.4 (L2) Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.66.1 (L1) Ensure 'Prevent downloading of enclosures' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.100.2 (L1) Ensure 'Turn on PowerShell Transcription' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

18.9.102.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.9.108.1.4 (L1) Ensure 'Reschedule Automatic Updates scheduled installations' is set to 'Enabled: 1 minute'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

19.7.43.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

WN19-00-000470 - Windows Server 2019 must have Secure Boot enabled.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT