CSCv7|1.4

Title

Maintain Detailed Asset Inventory

Description

Maintain an accurate and up-to-date inventory of all technology assets with the potential to store or process information. This inventory shall include all hardware assets, whether connected to the organization's network or not.

Reference Item Details

Category: Inventory and Control of Hardware Assets

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.13 Ensure Cloud Asset Inventory Is EnabledGCPCIS Google Cloud Platform v1.3.0 L2
2.13 Ensure Cloud Asset Inventory Is EnabledGCPCIS Google Cloud Platform v1.3.0 L1
3.5 Ensure AWS Config is enabled in all regions - 'Include global resources'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
3.5 Ensure AWS Config is enabled in all regions - 'Record all resources supported in this region'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
3.5 Ensure AWS Config is enabled in all regions - 'Review defined S3 Bucket'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
3.5 Ensure AWS Config is enabled in all regions - 'Review defined SNS Topic'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
4.9 Ensure a log metric filter and alarm exist for AWS Config configuration changes - 'alarm exists'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
4.9 Ensure a log metric filter and alarm exist for AWS Config configuration changes - 'metric filter exists'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
4.9 Ensure a log metric filter and alarm exist for AWS Config configuration changes - 'subscription exists'amazon_awsCIS Amazon Web Services Foundations L2 1.5.0
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L2 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows Server 2019 DC L1 v1.3.0
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 MS
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 DC
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L2 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows Server 2019 MS L1 v1.3.0
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L2 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L2 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L2 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L2 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L2 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 Bitlocker
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L2 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L2 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L2 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
18.8.26.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + BL + NG
CIS Control 1 (1.4) Maintain Detailed Asset InventoryUnixCAS Implementation Group 1 Audit File