CSCv7|7

Title

Email and Web Browser Protections

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Email and Web Browser Protections

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.3.10 Ensure 'Password Profiles' do not exist	Palo_Alto	CIS Palo Alto Firewall 10 v1.1.0 L1
2.1.7 Ensure that an anti-phishing policy has been created	microsoft_azure	CIS Microsoft 365 Foundations E5 L1 v3.0.0
2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'	MDM	MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'	MDM	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'	MDM	MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'	MDM	AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1
2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'	MDM	MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'	MDM	AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals	Palo_Alto	CIS Palo Alto Firewall 10 v1.1.0 L1
4.2 Ensure 'Applications and Threats Update Schedule' is set to download and install updates at daily or shorter intervals	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
6.2.2 Ensure mail transport rules do not whitelist specific domains	microsoft_azure	CIS Microsoft 365 Foundations E3 L1 v3.0.0
6.19 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories	Palo_Alto	CIS Palo Alto Firewall 11 v1.0.0 L1
6.19 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories - continue on the URL categories	Palo_Alto	CIS Palo Alto Firewall 10 v1.1.0 L1
6.20 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories - continue on the URL categories	Palo_Alto	CIS Palo Alto Firewall 9 v1.1.0 L1
6.20 Ensure that User Credential Submission uses the action of block or continue on the URL categories	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources Exists	Palo_Alto	CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0