Detections
Analytics

800-53|SI-5

Title

SECURITY ALERTS, ADVISORIES, AND DIRECTIVES

Description

The organization:

Supplemental

The United States Computer Emergency Readiness Team (US-CERT) generates security alerts and advisories to maintain situational awareness across the federal government. Security directives are issued by OMB or other designated organizations with the responsibility and authority to issue such directives. Compliance to security directives is essential due to the critical nature of many of these directives and the potential immediate adverse effects on organizational operations and assets, individuals, other organizations, and the Nation should the directives not be implemented in a timely manner. External organizations include, for example, external mission/business partners, supply chain partners, external service providers, and other peer/supporting organizations.

Reference Item Details

Related: SI-2

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P1

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.3.7.1 Set 'Microsoft network client: Send unencrypted password to third-party SMB servers' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Attempt to cleanWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Download ScanWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Upload ScanWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled'WindowsCIS Windows 7 Workstation Level 1 v3.2.0
18.9.77.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L1 MS
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2019 DC L1 v2.0.0
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2016 MS L1 v2.0.0
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2019 MS L1 v2.0.0
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2016 DC L1 v2.0.0
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2022 v2.0.0 L1 DC
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2019 Standalone DC L1 vCIS Microsoft Windows Server 2019 Standalone DC L1 v1.0.0
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' - EnabledWindowsCIS Microsoft Windows Server 2019 MS Standalone L1 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB serversWindowsMSCT Windows Server 2019 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB serversWindowsMSCT Windows Server 2022 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB serversWindowsMSCT Windows 10 1809 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB serversWindowsMSCT Windows 10 1803 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB serversWindowsMSCT Windows Server 2019 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server 2016 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT MSCT Windows Server 2022 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server 1903 MS v1.19.9
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server v2004 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server 1903 DC v1.19.9
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server v1909 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server 2012 R2 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server 2016 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 1903 v1.19.9
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 1909 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 v21H1 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 v21H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 v20H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 v22H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server v2004 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 11 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server v1909 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server v20H2 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server 2012 R2 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows Server v20H2 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 v1507 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 10 v2004 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 11 v23H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPasswordWindowsMSCT Windows 11 v22H2 v1.0.0
Store passwords using reversible encryptionWindowsMSCT Windows Server 2019 MS v1.0.0
Store passwords using reversible encryptionWindowsMSCT Windows 10 1809 v1.0.0
Store passwords using reversible encryptionWindowsMSCT Windows Server 2019 DC v1.0.0