CSCv6|16

Title

Account Monitoring and Control

Description

Account Monitoring and Control

Reference Item Details

Category: Account Monitoring and Control

Family: Application

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.2.17 Set 'Audit Policy: Account Management: Security Group Management' to 'Success and Failure'WindowsCIS Windows 8 L1 v1.0.0
1.1.2.26 Set 'Audit Policy: Account Management: Application Group Management' to 'No Auditing'WindowsCIS Windows 8 L1 v1.0.0
1.1.3 Ensure that the --insecure-allow-any-token argument is not setUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.3 Ensure that the --insecure-allow-any-token argument is not setUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.3 Ensure that the --insecure-allow-any-token argument is not setUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.3.1.1 Set 'Accounts: Block Microsoft accounts' to 'Users can't add or log on with Microsoft accounts'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.1.2 Configure 'Accounts: Rename guest account'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.1.3 Set 'Accounts: Administrator account status' to 'Disabled'.WindowsCIS Windows 8 L1 v1.0.0
1.1.3.1.4 Configure 'Accounts: Rename administrator account'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.1.5 Set 'Accounts: Guest account status' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.1.6 Set 'Accounts: Limit local account use of blank passwords to console logon only' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.5.4 Set 'Domain member: Maximum machine account password age' to '30 or fewer day(s)'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.5.6 Set 'Domain member: Disable machine account password changes' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.6.5 Set 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' to '4 or fewer logon(s)'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.6.7 Set 'Interactive logon: Prompt user to change password before expiration' to '14 or more day(s)'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.8.1 Set 'Microsoft network server: Disconnect clients when logon hours expire' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.9.3 Set 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.1 Set 'Network access: Let Everyone permissions apply to anonymous users' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.3 Set 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.5 Set 'Network access: Restrict anonymous access to Named Pipes and Shares' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.6 Set 'Network access: Sharing and security model for local accounts' to 'Classic - local users authenticate as themselves'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.7 Set 'Network access: Remotely accessible registry paths and sub-paths' to the following listWindowsCIS Windows 8 L1 v1.0.0
1.1.3.10.10 Set 'Network access: Remotely accessible registry paths' to the following listWindowsCIS Windows 8 L1 v1.0.0
1.1.3.11.3 Configure Network access: Shares that can be accessed anonymouslyWindowsCIS Windows 8 L1 v1.0.0
1.1.3.11.3 Set 'Network security: Allow Local System to use computer identity for NTLM' to 'Enabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.11.17 Configure 'Network security: Force logoff when logon hours expire'WindowsCIS Windows 8 L1 v1.0.0
1.1.3.17.8 Set 'User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop' to 'Disabled'WindowsCIS Windows 8 L1 v1.0.0
1.1.4 Ensure that the --insecure-allow-any-token argument is not setUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.4.1 Configure 'Allow log on through Remote Desktop Services'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.2 Set 'Deny log on through Remote Desktop Services' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.3 Set 'Deny access to this computer from the network' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.21 Set 'Deny log on locally' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.29 Set 'Deny log on as a batch job' to 'Guests'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.33 Configure 'Deny log on as a service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.35 Set 'Generate security audits' to 'Local Service, Network Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.36 Set 'Allow log on locally' to 'Administrators, Users'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.37 Set 'Lock pages in memory' to 'No One'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.40 Set 'Replace a process level token' to 'Local Service, Network Service'WindowsCIS Windows 8 L1 v1.0.0
1.1.4.42 Set 'Modify an object label' to 'No one'WindowsCIS Windows 8 L1 v1.0.0
1.1.23 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.23 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.23 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.24 Ensure that the --service-account-lookup argument is set to trueUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.1.27 Ensure that the admission control plugin ServiceAccount is setUnixCIS Kubernetes 1.11 Benchmark v1.3.0 L1
1.1.27 Ensure that the admission control plugin ServiceAccount is setUnixCIS Kubernetes 1.13 Benchmark v1.4.1 L1
1.1.27 Ensure that the admission control policy is set to ServiceAccountUnixCIS Kubernetes 1.8 Benchmark v1.2.0 L1
1.1.28 Ensure that the admission control policy is set to ServiceAccountUnixCIS Kubernetes 1.7.0 Benchmark v1.1.0 L1
1.04 Windows Oracle Account - 'Deny Log on Locally Right'WindowsCIS v1.1.0 Oracle 11g OS Windows Level 1
1.11 Do not setup access keys during initial user setup for all IAM users that have a console passwordamazon_awsCIS Amazon Web Services Foundations L1 1.4.0
1.14 Ensure access keys are rotated every 90 days or lessamazon_awsCIS Amazon Web Services Foundations L1 1.4.0