CSCv7|7

Title

Email and Web Browser Protections

Reference Item Details

Category: Email and Web Browser Protections

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.27 Ensure 'Origins or hostname patterns for which restrictions on insecure origins should not apply' is set to 'Disabled'WindowsCIS Google Chrome L1 v2.1.0
2.2.4 Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications'WindowsCIS Google Chrome L2 v2.1.0
4.3 Ensure all forms of mail forwarding are blocked and/or disabledmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v1.4.0
4.4 Ensure mail transport rules do not whitelist specific domainsmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v1.4.0
4.7 Ensure that an anti-phishing policy has been createdmicrosoft_azureCIS Microsoft 365 Foundations E5 L1 v1.4.0
4.12 Ensure MailTips are enabled for end usersmicrosoft_azureCIS Microsoft 365 Foundations E3 L2 v1.4.0
5.3.2 Ensure X-Content-Type-Options header is configured and enabledUnixCIS NGINX Benchmark v1.0.0 L1 Webserver
6.20 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories - continue on the URL categoriesPalo_AltoCIS Palo Alto Firewall 9 v1.0.1 L1
6.20 Ensure that User Credential Submission uses the action of 'block' or 'continue' on the URL categories - continue on the URL categoriesPalo_AltoCIS Palo Alto Firewall 10 v1.0.0 L1
6.20 Ensure that User Credential Submission uses the action of block or continue on the URL categoriesPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
7.3 Ensure 'Security Policy' denying any/all traffic to/from IP addresses on Trusted Threat Intelligence Sources ExistsPalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
7.12 Ensure mobile device management policies are required for email profilesmicrosoft_azureCIS Microsoft 365 Foundations E3 L2 v1.4.0
9.2 Ensure web app redirects all HTTP traffic to HTTPS in Azure App Servicemicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L1
9.3 Ensure web app is using the latest version of TLS encryptionmicrosoft_azureCIS Microsoft Azure Foundations v1.3.1 L1