Item Search

NameAudit NamePluginCategory
1.1.2.17 Set 'Audit Policy: Account Management: Security Group Management' to 'Success and Failure'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.2.26 Set 'Audit Policy: Account Management: Application Group Management' to 'No Auditing'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.1.3 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.8 Benchmark v1.2.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.3 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.13 Benchmark v1.4.1 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.3.1.1 Set 'Accounts: Block Microsoft accounts' to 'Users can't add or log on with Microsoft accounts'CIS Windows 8 L1 v1.0.0Windows
1.1.3.5.6 Set 'Domain member: Disable machine account password changes' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows
1.1.3.6.5 Set 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' to '4 or fewer logon(s)'CIS Windows 8 L1 v1.0.0Windows
1.1.3.6.7 Set 'Interactive logon: Prompt user to change password before expiration' to '14 or more day(s)'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

1.1.3.9.3 Set 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows
1.1.3.10.1 Set 'Network access: Let Everyone permissions apply to anonymous users' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows
1.1.3.17.8 Set 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' to 'Disabled'CIS Windows 8 L1 v1.0.0Windows
1.1.4 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

1.1.27 Ensure that the admission control plugin ServiceAccount is setCIS Kubernetes 1.11 Benchmark v1.3.0 L1Unix

ACCESS CONTROL

1.1.28 Ensure that the admission control policy is set to ServiceAccountCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

ACCESS CONTROL

1.2.4.3.2 Configure 'Do not display the password reveal button'CIS Windows 8 L1 v1.0.0Windows

CONFIGURATION MANAGEMENT

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB 3.4 L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.1 Ensure that authentication is enabled for MongoDB databasesCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.2 Ensure that MongoDB does not bypass authentication via the localhost exceptionCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

2.2 Give the BIND User Account an Invalid ShellCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

ACCESS CONTROL

2.3 Ensure authentication is enabled in the sharded clusterCIS MongoDB 3.2 L1 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.3 Ensure authentication is enabled in the sharded clusterCIS MongoDB 3.2 L1 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3 Lock the BIND User AccountCIS BIND DNS v1.0.0 L1 Caching Only Name ServerUnix

ACCESS CONTROL

2.3 Lock the BIND User AccountCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

ACCESS CONTROL

2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanismsCIS MongoDB 3.4 L2 Unix Audit v1.0.0Unix

CONFIGURATION MANAGEMENT

2.4 Ensure an industry standard authentication mechanism is used - authorizationCIS MongoDB 3.4 L2 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - authorizationCIS MongoDB 3.2 L2 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - clusterAuthModeCIS MongoDB 3.2 L2 Unix Audit v1.0.0Unix

IDENTIFICATION AND AUTHENTICATION

2.4 Ensure an industry standard authentication mechanism is used - modeCIS MongoDB 3.4 L2 Windows Audit v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.7 Ensure a separate organizational unit (OU) in Active Directory exists for SharePoint 2016 objects.CIS Microsoft SharePoint 2016 OS v1.1.0Windows
2.7 Ensure remote access capabilities for the User-ID service account are forbidden.CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0Palo_Alto

ACCESS CONTROL

3.1.3 Ensure that the --insecure-allow-any-token argument is not setCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1Unix

IDENTIFICATION AND AUTHENTICATION

4.1 Ensure SharePoint displays an approved system use notification message or banner before granting access to the system.CIS Microsoft SharePoint 2019 OS v1.0.0Windows

ACCESS CONTROL

4.4 Ensure Anonymous authentication is deniedCIS Microsoft SharePoint 2016 OS v1.1.0Windows

ACCESS CONTROL

4.4 Ensure Anonymous authentication is deniedCIS Microsoft SharePoint 2019 OS v1.0.0Windows

ACCESS CONTROL

4.11 Ensure 'Import saved passwords from default browser on first run' is set to 'Disabled'CIS Google Chrome L1 v2.1.0Windows

CONFIGURATION MANAGEMENT

17.2.1 Ensure 'Audit Application Group Management' is set to 'Success and Failure'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2012 R2 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2016 DC v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server 2019 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 10 v2004 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 10 v1507 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v2004 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows Server v1909 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Security Group ManagementMSCT Windows 10 1903 v1.19.9Windows

AUDIT AND ACCOUNTABILITY

Domain member: Disable machine account password changesMSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows Server 2016 DC v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows Server 1903 MS v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows Server 1903 DC v1.19.9Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows 10 v1507 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Domain member: Disable machine account password changesMSCT Windows 10 1803 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION