Detections
Analytics

Revision 1.29

Jul 24, 2018
Functional Update
  • 1.1.10 Enforce user logon restrictions
  • 1.1.11 Maximum tolerance for computer clock synchronization
  • 1.1.12 Maximum lifetime for service ticket
  • 1.1.13 Maximum lifetime for user ticket renewal
  • 1.1.14 Maximum lifetime for user ticket
  • 1.12.3 Registry policy processing (NoBackgroundPolicy) - Domain Controller
  • 1.12.3 Registry policy processing (NoBackgroundPolicy) - Member Server
  • 1.12.3 Registry policy processing (NoGPOListChanges) - Domain Controller
  • 1.12.3 Registry policy processing (NoGPOListChanges) - Member Server
  • 1.3.18 Audit Policy: DS Access: Directory Service Access - Domain Controller
  • 1.3.18 Audit Policy: DS Access: Directory Service Access - Member Server
  • 1.3.19 Audit Policy: DS Access: Directory Service Changes - Domain Controller
  • 1.3.19 Audit Policy: DS Access: Directory Service Changes - Member Server
  • 1.7.1 User Account Control: Admin Approval Mode for the Built-in Administrator account
  • 1.7.2 User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
  • 1.7.3 User Account Control: Behavior of the elevation prompt for standard users
  • 1.7.4 User Account Control: Detect application installations and prompt for elevation
  • 1.7.5 User Account Control: Only elevate UIAccess applications that are installed in secure locations
  • 1.7.7 User Account Control: Switch to the secure desktop when prompting for elevation
  • 1.7.8 User Account Control: Virtualize file and registry write failures to per-user locations
  • 1.7.9 User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop
  • 1.8.1 Access this computer from the network - Domain Controller
  • 1.8.1 Access this computer from the network - Member Server
  • 1.8.27 Add workstations to domain - Domain Controller
  • 1.8.27 Add workstations to domain - Member Server
  • 1.8.5 Bypass traverse checking - Domain Controller
  • 1.8.5 Bypass traverse checking - Member Server
  • 1.9.18 Domain controller: Allow server operators to schedule tasks - Domain Controller
  • 1.9.18 Domain controller: Allow server operators to schedule tasks - Member Server
  • 1.9.19 Domain controller: LDAP server signing requirements - Domain Controller
  • 1.9.19 Domain controller: LDAP server signing requirements - Member Server
  • 1.9.20 Domain controller: Refuse machine account password changes - Domain Controller
  • 1.9.20 Domain controller: Refuse machine account password changes - Member Server
  • 1.9.26 Interactive logon: Smart card removal behavior
  • 1.9.29 Interactive logon: Require smart card
  • 1.9.41 Network access: Named Pipes that can be accessed anonymously - Domain Controller
  • 1.9.41 Network access: Named Pipes that can be accessed anonymously - Member Server
  • CIS Security Benchmark For Microsoft Windows Server 2008 SSLF Domain Controller.
  • User Account Control (UAC) is off
Miscellaneous
  • Platform check updated.
  • References updated.