Detections
Analytics

CSCv6|8.1

Title

Employ automated tools to continuously monitor workstations, servers, and mobile devices with anti-virus, anti-spyware, personal firewalls, and host-based IPS functionality.

Description

Employ automated tools to continuously monitor workstations, servers, and mobile devices with anti-virus, anti-spyware, personal firewalls, and host-based IPS functionality. All malware detection events should be sent to enterprise anti-malware administration tools and event log servers.

Reference Item Details

Category: Malware Defenses

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
18.9.45.8.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL
18.9.45.8.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG
18.9.45.8.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG
18.9.45.8.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1
18.9.45.8.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 DC L1 v2.5.0
18.9.45.8.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Windows Server 2012 R2 MS L1 v2.5.0
18.9.45.8.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.8.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1 + BL
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + NG
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + BL
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1 + BL + NG
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + BL + NG
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1 + NG
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 2004) v1.9.1 L1
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.3.0
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 21H1) v1.11.0 L1 + BL + NG
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.3.0
18.9.45.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 20H2) v1.10.1 L1 + NG
18.9.47.15 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L1 v2.4.0
18.9.47.16 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
18.9.47.16 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
18.9.47.16 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1
18.9.47.16 Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + NG
18.9.76.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1803) v1.5.0 Level 1
18.9.76.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1803) v1.5.0 Level 1
18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 R2 MS L1 v2.4.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 DC L1 v2.2.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 R2 DC L1 v2.4.0
18.9.77.14 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Windows Server 2012 MS L1 v2.2.0
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 DC L1 v1.2.0
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + BL + NG
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.2.0
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + BL
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1 + NG
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1909) v1.8.1 L1
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + BL
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1809) v1.6.1 L1 + BL + NG
18.9.77.15 Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise (Release 1903) v1.7.1 L1 + BL + NG