Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.2.4.7.2.2.3 (L1) Ensure 'Excel 2 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Intune for Office v1.1.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

2.3.4.2 Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

5.1 Ensure 'Bluetooth Support Service (bthserv)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.7 Ensure 'Link-Layer Topology Discovery Mapper (lltdsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.11 Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.13 Ensure 'Peer Networking Identity Manager (p2pimsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.17 Ensure 'Remote Desktop Configuration (SessionEnv)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.31 Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

8.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On'CIS Microsoft Azure Foundations v5.0.0 L2microsoft_azure

RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

18.4.4 Ensure 'MSS: (DisableSavePassword) Prevent the dial-up password from being saved' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

18.4.6 Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.4.8 Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOndomainCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - ProhibitLLTDIOOnPrivateNetCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnPublicNetCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - EnableRspndrCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.10.2 Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableInBand802DOT11RegistrarCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableUPnPRegistrarCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.20.2 Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2025 v2.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2022 v5.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.8.22.1.9 Ensure 'Turn off Search Companion content file updates' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.8.47.5.1 Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND INFORMATION INTEGRITY

18.8.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

18.8.52.1.2 Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.59.3.2.1 Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.59.3.3.3 Ensure 'Do not allow LPT port redirection' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.59.3.3.4 Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.77.3.1 Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

19.7.45.2.1 Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

90.1 (L1) Ensure 'Hypervisor Enforced Code Integrity' is set to 'Enabled with UEFI lock'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

Encryption type for password protected Office 97-2003 filesMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMicrosoft 365 Apps for Enterprise 2306 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Interactive logon: Smart card removal behaviorMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Interactive logon: Smart card removal behaviorMSCT Windows 10 1803 v1.0.0Windows

ACCESS CONTROL

Interactive logon: Smart card removal behaviorMSCT Windows 10 1809 v1.0.0Windows

ACCESS CONTROL

Interactive logon: Smart card removal behaviorMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Interactive logon: Smart card removal behaviorMSCT Windows Server v1909 DC v1.0.0Windows

ACCESS CONTROL

Interactive logon: Smart card removal behaviorMSCT Windows Server v1909 MS v1.0.0Windows

ACCESS CONTROL

Interactive logon: Smart card removal behaviorMSCT Windows Server v20H2 MS v1.0.0Windows

ACCESS CONTROL