Item Search

Name	Audit Name	Plugin	Category
2.2 Ensure system Microcode Discovery Service (MDS) is performed regularly	CIS IBM AIX 7 v1.1.0 L1	Unix	CONFIGURATION MANAGEMENT
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.16 (L1) Ensure 'Create permanent shared objects' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.23 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.30 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.2.33 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.35 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only)	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.3.5.2 (L1) Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.7.6 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.10 (L1) Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
3.4 Ensure Auto-Scaling Launch Configuration for App-Tier is configured to use an approved Amazon Machine Image	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	CONFIGURATION MANAGEMENT
5.2.2.5 (L2) Ensure 'Phishing-resistant MFA strength' is required for Administrators	CIS Microsoft 365 Foundations v5.0.0 L2 E3	microsoft_azure	IDENTIFICATION AND AUTHENTICATION
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.4 (L1) Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.6 (L1) Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.2.3 (L1) Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.4 (L1) Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.4.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)' is set to 'Enabled: 5 or fewer seconds'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.36.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.40.1 (L1) Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	MEDIA PROTECTION
18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.25.3 (L1) Ensure 'Default Protections for Internet Explorer' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.25.7 (L1) Ensure 'System DEP' is set to 'Enabled: Application Opt-Out'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.27.2.2 (L1) Ensure 'Security: Specify the maximum log file size (KB)' is set to 'Enabled: 196,608 or greater'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.4.1 (L1) Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.47.15 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.58.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.65.2.2 (L1) Ensure 'Do not allow passwords to be saved' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.9.65.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.65.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.86.2.1 (L1) Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.102.1.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.10.10.2.4 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Allow data recovery agent' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.2 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.56.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.10.56.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search