CSCv7|16.5

Title

Encrypt Transmittal of Username and Authentication Credentials

Description

Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Account Monitoring and Control

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.1 (L1) Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
1.1.2 (L1) Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
1.1.2.1 (L1) Ensure 'NTLM' is set to 'Disabled'	Windows	CIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.5 Ensure 'Password must meet complexity requirements' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1
1.2.3 Ensure HTTP and Telnet options are disabled for the management interface	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
1.2.3 Ensure HTTP and Telnet options are disabled for the management interface	Palo_Alto	CIS Palo Alto Firewall 11 v1.1.0 L1
1.2.3 Ensure HTTP and Telnet options are disabled for the management interface	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.2.3 Ensure HTTP and Telnet options are disabled for the management interface	Palo_Alto	CIS Palo Alto Firewall 10 v1.2.0 L1
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 v3.0.0 L1 MS
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 MS L1 v3.0.0
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 R2 DC L1 v3.0.0
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 DC L1 v3.0.0
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Windows Server 2012 R2 MS L1 v3.0.0
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 v3.0.0 L1 DC
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS
1.2.4 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles	Palo_Alto	CIS Palo Alto Firewall 11 v1.1.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles	Palo_Alto	CIS Palo Alto Firewall 10 v1.2.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - HTTP	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.2.4 Ensure HTTP and Telnet options are disabled for all management profiles - Telnet	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS
1.2.5 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	Windows	CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC

Detections

Analytics

CSCv7|16.5

Title

Description

Reference Item Details

Audit Items