Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.9 Disable AutomountingCIS Debian Linux 10 v2.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Oracle Linux 10 v1.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Debian Linux 11 v2.0.0 L2 WorkstationUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Oracle Linux 9 v2.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Debian Linux 12 v1.1.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L2 WorkstationUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Rocky Linux 8 v3.0.0 L2 WorkstationUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Oracle Linux 8 v4.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Red Hat Enterprise Linux 10 v1.0.1 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Rocky Linux 10 v1.0.0 L2 WorkstationUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS AlmaLinux OS 10 v1.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Ubuntu Linux 24.04 LTS v1.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

2.1.1 Ensure autofs services are not in useCIS Debian Linux 11 v2.0.0 L1 ServerUnix

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.9.3.7 (L1) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

MEDIA PROTECTION

18.10.10.3.2 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.2 Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BLWindows

MEDIA PROTECTION

18.10.10.3.2 Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.3 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BLWindows

MEDIA PROTECTION

18.10.10.3.3 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'CIS Microsoft Windows 11 Stand-alone v5.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.4 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 BLWindows

MEDIA PROTECTION

18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 10 Stand-alone v4.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.5 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.5 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BLWindows

MEDIA PROTECTION

18.10.10.3.5 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key'CIS Microsoft Windows 11 Stand-alone v5.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION

18.10.10.3.8 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Backup recovery passwords and key packages'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION

18.10.10.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v4.0.0 BLWindows

MEDIA PROTECTION

18.10.10.3.9 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False'CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BLWindows

MEDIA PROTECTION

18.10.42.13.2 Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.42.13.3 Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Windows Server 2012 MS L1 v3.0.0Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.1 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Windows Server 2012 R2 DC L1 v3.0.0Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.2 (L1) Ensure 'Scan packed executables' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

18.10.43.13.3 (L1) Ensure 'Scan removable drives' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY

22.3 (L1) Ensure 'Allow Full Scan Removable Drive Scanning' is set to 'Allowed'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

MEDIA PROTECTION, SYSTEM AND INFORMATION INTEGRITY