Item Search

NameAudit NamePluginCategory
2.2.29 (L2) Ensure 'Log on as a service' is configuredCIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NGWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.29 (L2) Ensure 'Log on as a service' is configuredCIS Microsoft Windows 11 Stand-alone v4.0.0 L2Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.29 (L2) Ensure 'Log on as a service' is configuredCIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higherCIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

4.40 listener.ora - 'secure_protocol_listener_name = (TCP,IPC)'CIS v1.1.0 Oracle 11g OS L1Unix

ACCESS CONTROL

5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_server = REQUIRED'CIS v1.1.0 Oracle 11g OS L2Unix

ACCESS CONTROL

7.2 Set Strong Password Creation Policies - HISTORY = 10CIS Solaris 11.1 L1 v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 NG MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'CIS Microsoft Windows 10 Stand-alone v4.0.0 NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'CIS Microsoft Windows Server 2019 v4.0.0 NG DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

Allow active scriptingMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow binary and script behaviorsMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow font downloads - Internet ZoneMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Allow only approved domains to use the TDC ActiveX control - Restricted Sites ZoneMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow scriptlets - Internet ZoneMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Allow unencrypted traffic - Service - AllowUnencryptedTrafficMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Allow user control over installsMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Always prompt for password upon connectionMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Audit Audit Policy ChangeMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Computer Account ManagementMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Directory Service ChangesMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit LogoffMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security System ExtensionMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Check for server certificate revocationMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Configure registry policy processing - NoGPOListChangesMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure Windows SmartScreenMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Create a token objectMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Create global objectsMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Debug programsMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Domain member: Digitally sign secure channel data (when possible)MSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Download signed ActiveX controls - Restricted Sites ZoneMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable insecure guest logonsMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Enforce password historyMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Include local path when user is uploading files to a server - Restricted Sites ZoneMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Initialize and script ActiveX controls not marked as safe - Internet ZoneMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Initialize and script ActiveX controls not marked as safe - Intranet ZoneMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Initialize and script ActiveX controls not marked as safe - Trusted Sites ZoneMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Interactive logon: Machine inactivity limitMSCT Windows Server 2016 DC v1.0.0Windows

ACCESS CONTROL

Internet Explorer Processes - FEATURE_DISABLE_MK_PROTOCOL - explorer.exeMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_RESTRICT_ACTIVEXINSTALL - iexplore.exeMSCT Windows Server 2016 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Internet Explorer Processes - FEATURE_RESTRICT_FILEDOWNLOAD - explorer.exeMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_SECURITYBAND - iexplore.exeMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Internet Explorer Processes - FEATURE_WINDOW_RESTRICTIONS - (Reserved)MSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Local Machine ZoneMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Locked-Down Intranet ZoneMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Java permissions - Trusted Sites ZoneMSCT Windows Server 2016 DC v1.0.0Windows

CONFIGURATION MANAGEMENT