Detections
Analytics

CIS IIS 8.0 v1.4.0 Level 2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS IIS 8.0 v1.4.0 Level 2

Updated: 4/24/2017

Authority: CIS

Plugin: Windows

Revision: 1.8

Estimated Item Count: 31

Audit Items

DescriptionCategories
1.2.4 Configure Forms Authentication to Use Cookies - Applications

CONFIGURATION MANAGEMENT

1.2.4 Configure Forms Authentication to Use Cookies - Default

CONFIGURATION MANAGEMENT

1.2.4 Configure Forms Authentication to Use Cookies - Not Enabled
1.2.6 Lock down Encryption Providers

ACCESS CONTROL

1.2.9 Ensure credentials are not stored in configuration files - Applications

IDENTIFICATION AND AUTHENTICATION

1.2.9 Ensure credentials are not stored in configuration files - Default

IDENTIFICATION AND AUTHENTICATION

1.3.2 Turn Debug Off
1.3.2 Turn Debug Off - Applications

SYSTEM AND INFORMATION INTEGRITY

1.3.2 Turn Debug Off - Default

SYSTEM AND INFORMATION INTEGRITY

1.3.3 Ensure Custom Error Messages are not Off
1.3.3 Ensure Custom Error Messages are not Off - Applications

SYSTEM AND INFORMATION INTEGRITY

1.3.3 Ensure Custom Error Messages are not Off - Default

SYSTEM AND INFORMATION INTEGRITY

1.3.4 ASP.NET stack tracing is Not Enabled
1.3.4 ASP.NET stack tracing is Not Enabled - Applications

SYSTEM AND INFORMATION INTEGRITY

1.3.4 ASP.NET stack tracing is Not Enabled - Default

SYSTEM AND INFORMATION INTEGRITY

1.3.5 Configure Use Cookies Mode for Session State
1.3.5 Configure Use Cookies Mode for Session State - Applications

CONFIGURATION MANAGEMENT

1.3.5 Configure Use Cookies Mode for Session State - Default

CONFIGURATION MANAGEMENT

1.3.6 Ensure Cookies Are Set With HttpOnly Attribute
1.3.6 Ensure Cookies Are Set With HttpOnly Attribute - Applications

ACCESS CONTROL

1.3.6 Ensure Cookies Are Set With HttpOnly Attribute - Default

ACCESS CONTROL

1.4.1 Configure maxAllowedContentLength Request Filter - Applications

SYSTEM AND INFORMATION INTEGRITY

1.4.1 Configure maxAllowedContentLength Request Filter - Default

SYSTEM AND INFORMATION INTEGRITY

1.4.2 Configure maxURL Request Filter - Applications

SYSTEM AND INFORMATION INTEGRITY

1.4.2 Configure maxURL Request Filter - Default

SYSTEM AND INFORMATION INTEGRITY

1.4.3 Configure MaxQueryString Request Filter - Applications

SYSTEM AND INFORMATION INTEGRITY

1.4.3 Configure MaxQueryString Request Filter - Default

SYSTEM AND INFORMATION INTEGRITY

1.4.4 Disallow non-ASCII Characters in URLs - Applications

SYSTEM AND INFORMATION INTEGRITY

1.4.4 Disallow non-ASCII Characters in URLs - Default

SYSTEM AND INFORMATION INTEGRITY

1.7.14 TLS Cipher Suite Ordering

SYSTEM AND COMMUNICATIONS PROTECTION

CIS Microsoft IIS 8 Benchmark v1.4.0 Level 2