Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4.7 Set 'Access this computer from the network' to 'Users, Administrators'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - certfileCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.26 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.3 Dedicated Name Server RoleCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

2.1.7 Ensure that the --make-iptables-util-chains argument is set to trueCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.8 Ensure that the --make-iptables-util-chains argument is set to trueCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - Link local addressesCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

3.1 Ignore Erroneous or Unwanted Queries - Multicast addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - Multicast addressesCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 10/8; addressesCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 172.16/12; addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 172.16/12; addressesCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 192.168/16; addressesCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 192.168/16; addressesCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

3.1.18 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-certfileCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.1.18 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate - etcd-keyfileCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

3.2.1.15 Ensure 'Allow adding VPN configurations' is set to 'Disabled'AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1MDM

SYSTEM AND INFORMATION INTEGRITY

3.3 Restrict Query OriginsCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

3.4 Restrict Queries of the Cache - Caching OnlyCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

6.1 Hide BIND Version StringCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

6.2 Hide Nameserver IDCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

SYSTEM AND COMMUNICATIONS PROTECTION

7.3 Disable the dnssec-accept-expired OptionCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

9.1 Ensure the TimeOut Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.4 Ensure the KeepAliveTimeout Is Set ProperlyCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

9.5 Ensure the Timeout Limits for Request Headers is Set to 40 or Less - mod_reqtimeoutCIS Apache HTTP Server 2.2 L1 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

10.3 Ensure the LimitRequestFieldsize Directive is Set to 1024 or LessCIS Apache HTTP Server 2.2 L2 v3.6.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOnPublicNetCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - EnableLLTDIOCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - EnableRspndrCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

Access this computer from the networkMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1903 v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 2019 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows Server 2019 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows Server 2012 R2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)MSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing)MSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1903 v1.19.9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server v1909 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2016 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2019 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows Server 2019 DC v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1809 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 1909 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routesMSCT Windows 10 v1507 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION