CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1

Updated: 7/12/2024

Authority: CIS

Plugin: Windows

Revision: 1.14

Estimated Item Count: 308

File Details

Filename: CIS_Microsoft_Windows_Server_2019_STIG_v1.0.1_L1_DC.audit

Size: 760 kB

MD5: 8513e4e51e4fd6a5f7107dbb5effef9e
SHA256: 33a334efd7586d722078549ddd6b3c74cecebc27f70e740ff87898e86ab8129c

Audit Changelog

 
Revision 1.14

Jul 12, 2024

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.13

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.12

Feb 21, 2024

Functional Update
  • 18.8.3.2 Ensure 'Include command line in process creation events' is set to 'Disabled'
Miscellaneous
  • Metadata updated.
Revision 1.11

Dec 4, 2023

Functional Update
  • 18.9.102.1.1 Ensure 'Manage preview builds' is set to 'Enabled: Disable preview builds' - Disable preview builds
Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.10

Apr 12, 2023

Functional Update
  • 1.1.1 Ensure 'Enforce password history' is set to '24 or more password(s)'
  • 1.1.2 Ensure 'Maximum password age' is set to '60 or fewer days, but not 0'
  • 1.1.3 Ensure 'Minimum password age' is set to '1 or more day(s)'
  • 1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)'
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.9

Mar 21, 2023

Functional Update
  • 18.8.3.2 Ensure 'Include command line in process creation events' is set to 'Disabled'
  • 2.3.5.2 Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only)
Revision 1.8

Mar 8, 2023

Functional Update
  • 18.9.30.4 Ensure 'Turn off shell protocol protected mode' is set to 'Disabled'
  • 2.3.1.5 Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'
  • 2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'
Revision 1.7

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jan 4, 2023

Miscellaneous
  • Metadata updated.
Revision 1.5

Dec 7, 2022

Miscellaneous
  • Variables updated.