Item Search

NameAudit NamePluginCategory
1.1.10 Disable USB StorageCIS Ubuntu Linux 18.04 LTS v2.2.0 L2 WorkstationUnix

MEDIA PROTECTION

1.1.10 Disable USB StorageCIS Debian 10 Server L1 v2.0.0Unix

MEDIA PROTECTION

1.1.10 Disable USB StorageCIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1Unix

MEDIA PROTECTION

1.1.22 Disable AutomountingCIS SUSE Linux Enterprise Server 11 L1 v2.1.1Unix

MEDIA PROTECTION

1.1.22 Disable AutomountingCIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1Unix

MEDIA PROTECTION

18.9.7.1.3 (L1) Ensure 'Display a custom message when installation is prevented by a policy setting' is set to 'Enabled: <Text>'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL, MEDIA PROTECTION

18.10.9.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.9.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

MEDIA PROTECTION

18.10.9.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

MEDIA PROTECTION

18.10.9.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

MEDIA PROTECTION

18.10.9.3.7 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

MEDIA PROTECTION

18.10.9.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 11 Enterprise v4.0.0 BitLockerWindows

MEDIA PROTECTION

18.10.10.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

MEDIA PROTECTION

18.10.10.3.3 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'CIS Microsoft Windows 11 Enterprise v4.0.0 BitLockerWindows

MEDIA PROTECTION

18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.8 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Backup recovery passwords and key packages'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.42.13.1 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.1 Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.2 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.2 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.2 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

22.3 (L1) Ensure 'Allow Full Scan Removable Drive Scanning' is set to 'Allowed'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

Big Sur - Disable Removable Storage DevicesNIST macOS Big Sur v1.4.0 - 800-53r4 HighUnix

MEDIA PROTECTION

Big Sur - Disable Removable Storage DevicesNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

MEDIA PROTECTION

Big Sur - Disable Removable Storage DevicesNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

MEDIA PROTECTION

Catalina - Disable Removable Storage DevicesNIST macOS Catalina v1.5.0 - All ProfilesUnix

MEDIA PROTECTION

Catalina - Disable Removable Storage DevicesNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

MEDIA PROTECTION

Monterey - Disable Removable Storage DevicesNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

MEDIA PROTECTION

Monterey - Disable Removable Storage DevicesNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

MEDIA PROTECTION

Monterey - Disable Removable Storage DevicesNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

MEDIA PROTECTION

Monterey - Disable Removable Storage DevicesNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

MEDIA PROTECTION

Monterey - Disable Removable Storage DevicesNIST macOS Monterey v1.0.0 - All ProfilesUnix

MEDIA PROTECTION

Monterey - Disable Removable Storage DevicesNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

MEDIA PROTECTION