Item Search

Name	Audit Name	Plugin	Category
2.3.6.3 Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.3 Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.6 Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 MS Standalone L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.8.2 Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 MS Standalone L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.2 Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS	Windows	IDENTIFICATION AND AUTHENTICATION
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON/RequireIntegrity	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON/RequireIntegrity	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL/RequireMutualAuthentication	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL/RequireMutualAuthentication	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Intune for Windows 11 v2.0.0 L1 + NG	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.6.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1 + BL	Windows	IDENTIFICATION AND AUTHENTICATION
18.7.6 Ensure 'Configure RPC listener settings: Authentication protocol to use for incoming RPC connections:' is set to 'Enabled: Negotiate' or higher	CIS Microsoft Windows 11 Stand-alone v2.0.0 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.7.6 Ensure 'Configure RPC listener settings: Authentication protocol to use for incoming RPC connections:' is set to 'Enabled: Negotiate' or higher	CIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
18.9.23.1 Ensure 'Support device authentication using certificate' is set to 'Enabled: Automatic' - Enabled: Automatic	CIS Microsoft Windows Server Standalone 2019 Standalone MS L2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Configure RPC listener settings - ForceKerberosForRpc	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt secure channel data (when possible)	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally encrypt secure channel data (when possible)	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Digitally sign secure channel data (when possible)	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Require strong (Windows 2000 or later) session key	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Require strong (Windows 2000 or later) session key	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Enable insecure guest logons	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Enable insecure guest logons	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Hardened UNC Paths - \\*\NETLOGON	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Hardened UNC Paths - \\*\NETLOGON	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Hardened UNC Paths - \\*\SYSVOL	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Microsoft network server: Digitally sign communications (always)	MSCT Windows 11 v22H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Microsoft network server: Digitally sign communications (always)	MSCT Windows 11 v23H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search