Detections
Analytics

CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0

Updated: 12/7/2022

Authority: Operating Systems and Applications

Plugin: Windows

Revision: 1.10

Estimated Item Count: 318

Audit Changelog

 
Revision 1.10

Dec 7, 2022

Miscellaneous
  • Variables updated.
Revision 1.9

Nov 28, 2022

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.8

Oct 6, 2022

Functional Update
  • 17.2.5 Ensure 'Audit Security Group Management' is set to include 'Success'
  • 17.5.1 Ensure 'Audit Account Lockout' is set to include 'Failure'
  • 17.5.5 Ensure 'Audit Special Logon' is set to include 'Success'
  • 17.6.1 Ensure 'Audit Detailed File Share' is set to include 'Failure'
  • 17.7.1 Ensure 'Audit Audit Policy Change' is set to include 'Success'
  • 17.7.2 Ensure 'Audit Authentication Policy Change' is set to include 'Success'
  • 17.7.3 Ensure 'Audit Authorization Policy Change' is set to include 'Success'
  • 17.7.5 Ensure 'Audit Other Policy Change Events' is set to include 'Failure'
  • 17.9.4 Ensure 'Audit Security System Extension' is set to include 'Success'
  • 2.3.7.1 Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'
Revision 1.7

Jul 21, 2022

Functional Update
  • 17.9.3 Ensure 'Audit Security State Change' is set to include 'Success'
Revision 1.6

Apr 25, 2022

Miscellaneous
  • Metadata updated.
Revision 1.5

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Oct 29, 2021

Functional Update
  • 19.1.3.1 Ensure 'Enable screen saver' is set to 'Enabled'
  • 19.1.3.2 Ensure 'Force specific screen saver: Screen saver executable name' is set to 'Enabled: scrnsave.scr'
  • 19.1.3.3 Ensure 'Password protect the screen saver' is set to 'Enabled'
  • 19.1.3.4 Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'
  • 19.7.26.1 Ensure 'Prevent users from sharing files within their profile.' is set to 'Enabled'
  • 19.7.4.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'
  • 19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'
  • 19.7.41.1 Ensure 'Always install with elevated privileges' is set to 'Disabled'
Miscellaneous
  • References updated.
Revision 1.3

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Nov 17, 2020

Functional Update
  • 2.2.20 Ensure 'Deny access to this computer from the network' to include 'Guests' (DC only)
  • 2.2.22 Ensure 'Deny log on as a batch job' to include 'Guests'
  • 2.2.23 Ensure 'Deny log on as a service' to include 'Guests'
  • 2.2.24 Ensure 'Deny log on locally' to include 'Guests'
  • 2.2.25 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only)
Revision 1.1

Sep 29, 2020

Miscellaneous
  • References updated.