Item Search

NameAudit NamePluginCategory
2.2 Ensure 'Protect RE' Firewall Filter includes explicit terms for all Management ServicesCIS Juniper OS Benchmark v2.1.0 L2Juniper

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Remote Desktop Users'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) - Accept if provided by client or higherCIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

2.3.11.4 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.4 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows 7 Workstation Level 1 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Include TSIG key in named.conf 'TSIG key 1 permissions'CIS ISC BIND 9.0/9.5 v2.0.0Unix
3.3.2 Include TSIG key in named.conf 'TSIG key 2 permissions'CIS ISC BIND 9.0/9.5 v2.0.0Unix
4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cisCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cisCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cisCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cisCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cisCIS Solaris 11.2 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cisCIS Solaris 11 L1 v1.1.0Unix

AUDIT AND ACCOUNTABILITY

4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cisCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.20 Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.3.6 (L1) Ensure 'Extended Protection for LDAP Authentication (Domain Controllers only)' is set to 'Enabled: Enabled, always (recommended)' (DC Only)CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.3.6 (L1) Ensure 'Extended Protection for LDAP Authentication (Domain Controllers only)' is set to 'Enabled: Enabled, always (recommended)' (DC Only)CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.8.53.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only)CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

18.9.50.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only)CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

AUDIT AND ACCOUNTABILITY

18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only)CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

CIS_Aliyun_Linux_2_L1_v1.0.0.audit from CIS Aliyun Linux 2 Benchmark v1.0.0CIS Aliyun Linux 2 L1 v1.0.0Unix
CIS_DC_SERVER_2012_Level_1_v3.0.0.audit from CIS Security Benchmark For Microsoft Windows Server 2012 DC Level 1CIS Windows Server 2012 DC L1 v3.0.0Windows
CIS_Palo_Alto_Firewall_9_Benchmark_v1.1.0_L2.audit from CIS Palo Alto Firewall 9 Benchmark v1.1.0CIS Palo Alto Firewall 9 v1.1.0 L2Palo_Alto
CIS_Palo_Alto_Firewall_10_Benchmark_v1.2.0_L2.audit from CIS Palo Alto Firewall 10 Benchmark v1.2.0CIS Palo Alto Firewall 10 v1.2.0 L2Palo_Alto
CIS_Palo_Alto_Firewall_11_Benchmark_v1.1.0_L1.audit from CIS Palo Alto Firewall 11 Benchmark v1.1.0CIS Palo Alto Firewall 11 v1.1.0 L1Palo_Alto
DTOO170 - InfoPath 2003 forms as email forms in InfoPath 2013 must be disallowed.DISA STIG Microsoft InfoPath 2013 v1r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000042 - IPSec Exemptions must be limited.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000042 - IPSec Exemptions must be limited.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT