CAT|II

Title

DISA Severity Level 2

Description

Any vulnerability, the exploitation of which has a potential to result in loss of Confidentiality, Availability, or Integrity.

Reference Item Details

Category: Severity Level

Audit Items

Name | Plugin | Audit Name
1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | Windows | DISA Windows Vista STIG v6r41
1.007 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | Windows | DISA Windows Vista STIG v6r41
1.008 - Shared user accounts are permitted on the system. | Windows | DISA Windows Vista STIG v6r41
2.001 - Permissions for event logs must conform to minimum requirements - application.evtx | Windows | DISA Windows Vista STIG v6r41
2.001 - Permissions for event logs must conform to minimum requirements - security.evtx | Windows | DISA Windows Vista STIG v6r41
2.001 - Permissions for event logs must conform to minimum requirements - system.evtx | Windows | DISA Windows Vista STIG v6r41
2.006 - ACLs for system files and directories do not conform to minimum requirements. - 'C:' | Windows | DISA Windows Vista STIG v6r41
2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Program Files' | Windows | DISA Windows Vista STIG v6r41
2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Windows' | Windows | DISA Windows Vista STIG v6r41
2.014 - ACLs for disabled services do not conform to minimum standards. | Windows | DISA Windows Vista STIG v6r41
2.015 - File share ACLs have not been reconfigured to remove the Everyone group. | Windows | DISA Windows Vista STIG v6r41
2.019 - Security-related Software Patches are not applied. | Windows | DISA Windows Vista STIG v6r41
2.021 - Remove Software Certificate Installation Files | Windows | DISA Windows Vista STIG v6r41
3.011 - The required legal notice must be configured to display before console logon. | Windows | DISA Windows Vista STIG v6r41
3.028 - The built-in Windows password complexity policy must be enabled. | Windows | DISA Windows Vista STIG v6r41
3.032 - Ctrl+Alt+Del security attention sequence is Disabled. | Windows | DISA Windows Vista STIG v6r41
3.034 - Unencrypted passwords must not be sent to third-party SMB Servers. | Windows | DISA Windows Vista STIG v6r41
3.040 - Automatic logons must be disabled. | Windows | DISA Windows Vista STIG v6r41
3.042 - Outgoing secure channel traffic is not signed when possible. | Windows | DISA Windows Vista STIG v6r41
3.043 - Outgoing secure channel traffic is not encrypted when possible. | Windows | DISA Windows Vista STIG v6r41
3.045 - The Windows SMB client is not enabled to perform SMB packet signing when possible. | Windows | DISA Windows Vista STIG v6r41
3.046 - The Windows SMB server is not enabled to perform SMB packet signing when possible. | Windows | DISA Windows Vista STIG v6r41
3.047 - The Smart Card removal option is set to take no action. | Windows | DISA Windows Vista STIG v6r41
3.052 - Ejection of removable NTFS media is not restricted to Administrators. | Windows | DISA Windows Vista STIG v6r41
3.057 - Reversible password encryption is not disabled. | Windows | DISA Windows Vista STIG v6r41
3.070 - The system is configured to permit storage of credentials or .NET Passports. | Windows | DISA Windows Vista STIG v6r41
3.071 - The system is configured to give anonymous users Everyone rights. | Windows | DISA Windows Vista STIG v6r41
3.072 - The system is not configured to use the Classic security model. | Windows | DISA Windows Vista STIG v6r41
3.074 - The system is not configured to force users to log off when their allowed logon hours expire. | Windows | DISA Windows Vista STIG v6r41
3.075 - The system is not configured to recommended LDAP client signing requirements. | Windows | DISA Windows Vista STIG v6r41
3.076 - The system is not configured to meet the minimum requirement for session security for NTLM SSP based Clients. | Windows | DISA Windows Vista STIG v6r41
3.077 - The system is not configured to use FIPS compliant Algorithms for Encryption, Hashing, and Signing. | Windows | DISA Windows Vista STIG v6r41
3.078 - The system must be configured to require case insensitivity for non-Windows subsystems. | Windows | DISA Windows Vista STIG v6r41
3.082 - The system is configured to allow unsolicited remote assistance offers. | Windows | DISA Windows Vista STIG v6r41
3.088 - The system is not configured to use Safe DLL Search Mode. | Windows | DISA Windows Vista STIG v6r41
3.089 - The system is not configured to meet the minimum requirement for session security for NTLM SSP based Servers. | Windows | DISA Windows Vista STIG v6r41
3.112 - Group Policy objects are not reprocessed if they have not changed. | Windows | DISA Windows Vista STIG v6r41
3.113 - Outgoing secure channel traffic is not encrypted or signed. | Windows | DISA Windows Vista STIG v6r41
3.114 - The Windows Server SMB client is not enabled to always perform SMB packet signing. | Windows | DISA Windows Vista STIG v6r41
3.115 - The Windows Server SMB server is not enabled to always perform SMB packet signing. | Windows | DISA Windows Vista STIG v6r41
3.121 - The system does not have a backup administrator account | Windows | DISA Windows Vista STIG v6r41
3.122 - Administrator Passwords are changed when necessary. | Windows | DISA Windows Vista STIG v6r41
3.123 - Auditing Access of Global System Objects must be turned off. | Windows | DISA Windows Vista STIG v6r41
3.124 - Audit of Backup and Restore Privileges is not turned off. | Windows | DISA Windows Vista STIG v6r41
3.125 - Audit policy using subcategories is enabled. | Windows | DISA Windows Vista STIG v6r41
3.129 - User Account Control - Built In Admin Approval Mode | Windows | DISA Windows Vista STIG v6r41
3.130 - User Account Control - Behavior of elevation prompt for administrators | Windows | DISA Windows Vista STIG v6r41
3.131 - User Account Control - Behavior of elevation prompt for standard users. | Windows | DISA Windows Vista STIG v6r41
3.132 - User Account Control - Detect Application Installations | Windows | DISA Windows Vista STIG v6r41
3.134 - User Account Control - Elevate UIAccess applications that are in secure locations | Windows | DISA Windows Vista STIG v6r41