CSCv7|9.3

Title

Perform Regular Automated Port Scans

Description

Perform automated port scans on a regular basis against all systems and alert if unauthorized ports are detected on a system.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Limitation and Control of Network Ports, Protocols, and Services

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 MS L2 v2.0.0
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server Standalone 2019 Standalone MS L2 v1.0.0
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 Standalone DC L2 v1.0.0
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2016 MS L2 v2.0.0
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2022 v2.0.0 L2 DC
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2022 v2.0.0 L2 MS
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Microsoft Windows Server 2019 DC L2 v2.0.0
18.1.3 Ensure 'Allow Online Tips' is set to 'Disabled'	Windows	CIS Windows Server 2016 DC L2 v2.0.0
18.3.2 (L1) Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.3.2 Ensure 'Configure SMB v1 client driver' is set to 'Enabled: Disable driver (recommended)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.3.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.3.3 Ensure 'Configure SMB v1 server' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.3.4 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.3.4 Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.3.5 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.3.5 Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.4.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.4.2 Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.4.3 (L1) Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.4.3 Ensure 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.4.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.4.4 (L2) Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.4.5 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.4.5 Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.4.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.4.6 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.4.7 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.4.7 Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.4.8 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.4.8 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.4.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.4.12 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.4.1 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.5.4.1 Ensure 'Turn off multicast name resolution' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOnDomain	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOnDomain	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOnPublicNet	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOnPublicNet	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - EnableLLTDIO	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - EnableLLTDIO	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - ProhibitLLTDIOOnPrivateNet	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - ProhibitLLTDIOOnPrivateNet	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnDomain	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnDomain	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnPublicNet	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnPublicNet	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2
18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')	Windows	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker

Detections

Analytics

CSCv7|9.3

Title

Description

Reference Item Details

Audit Items