2.2.29 (L2) Ensure 'Log on as a service' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.29 (L2) Ensure 'Log on as a service' is configured | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.2.29 (L2) Ensure 'Log on as a service' is configured | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
4.40 listener.ora - 'secure_protocol_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_server = REQUIRED' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
7.2 Set Strong Password Creation Policies - HISTORY = 10 | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 10 Stand-alone v4.0.0 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows Server 2019 v4.0.0 NG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
Allow active scripting | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Allow binary and script behaviors | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Allow font downloads - Internet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Allow only approved domains to use the TDC ActiveX control - Restricted Sites Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Allow scriptlets - Internet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Allow user control over installs | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Always prompt for password upon connection | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
Audit Audit Policy Change | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit Computer Account Management | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit Directory Service Changes | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit Logoff | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit Security Group Management | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Audit Security System Extension | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
Check for server certificate revocation | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Configure registry policy processing - NoGPOListChanges | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Configure Windows SmartScreen | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Create a token object | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Create global objects | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Debug programs | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Domain member: Digitally sign secure channel data (when possible) | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Download signed ActiveX controls - Restricted Sites Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Enable insecure guest logons | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Enforce password history | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Include local path when user is uploading files to a server - Restricted Sites Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Initialize and script ActiveX controls not marked as safe - Internet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Initialize and script ActiveX controls not marked as safe - Intranet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Initialize and script ActiveX controls not marked as safe - Trusted Sites Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Interactive logon: Machine inactivity limit | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
Internet Explorer Processes - FEATURE_DISABLE_MK_PROTOCOL - explorer.exe | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Internet Explorer Processes - FEATURE_RESTRICT_ACTIVEXINSTALL - iexplore.exe | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
Internet Explorer Processes - FEATURE_RESTRICT_FILEDOWNLOAD - explorer.exe | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Internet Explorer Processes - FEATURE_SECURITYBAND - iexplore.exe | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Internet Explorer Processes - FEATURE_WINDOW_RESTRICTIONS - (Reserved) | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Java permissions - Local Machine Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Java permissions - Locked-Down Intranet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
Java permissions - Trusted Sites Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |