CSCv7|4.1

Title

Maintain Inventory of Administrative Accounts

Description

Use automated tools to inventory all administrative accounts, including domain and local accounts, to ensure that only authorized individuals have elevated privileges.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.1 Ensure Administrative accounts are separate and cloud-onlymicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v3.1.0
1.1.3 Ensure that between two and four global admins are designatedmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v3.1.0
2.2.10 (L1) Ensure 'Create a pagefile' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.10 Ensure 'Create a pagefile' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.12 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.12 Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.14 (L1) Configure 'Create symbolic links'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.14 Configure 'Create symbolic links'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.15 Ensure 'Debug programs' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.21 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.21 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One'WindowsCIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
2.2.21 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.22 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.22 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
2.2.22 Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.25 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC
2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.25 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) - Administrators (DC only)WindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC
2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - AdministratorsWindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.26 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1
2.2.26 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS
2.2.26 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.2.26 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) - No OneWindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS
2.2.26 Ensure 'Load and unload device drivers' is set to 'Administrators'WindowsCIS Microsoft Windows 8.1 v2.4.1 L1
2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Windows Server 2012 DC L1 v3.0.0
2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1
2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Windows Server 2012 R2 DC L1 v3.0.0
2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
2.2.27 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC
2.2.27 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS
2.2.27 Ensure 'Force shutdown from a remote system' is set to 'Administrators' - AdministratorsWindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC
2.2.27 Ensure 'Force shutdown from a remote system' is set to 'Administrators' - AdministratorsWindowsCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 DC
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Microsoft Windows Server 2019 v3.0.1 L1 DC
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only)WindowsCIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Windows Server 2012 MS L1 v3.0.0
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Windows Server 2012 R2 MS L1 v3.0.0
2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1
2.2.28 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1
2.2.28 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1
2.2.29 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server
2.2.29 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 MS
2.2.29 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)WindowsCIS Microsoft Windows Server 2019 v3.0.1 L1 MS
2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Windows Server 2012 DC L1 v3.0.0
2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1
2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'WindowsCIS Windows Server 2012 R2 MS L1 v3.0.0
2.10 Ensure Secure Keyboard Entry terminal.app is EnabledUnixCIS Apple macOS 10.14 v2.0.0 L1