Item Search

NameAudit NamePluginCategory
1.1.2.4.1 Ensure separate partition exists for /varCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.5.1 Ensure separate partition exists for /var/tmpCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION

1.1.2.36 Set 'Audit Policy: Logon-Logoff: Other Logon/Logoff Events' to 'No Auditing'CIS Windows 8 L1 v1.0.0Windows

AUDIT AND ACCOUNTABILITY

1.4.1.6 Ensure no unconfined services existCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

2.3.7.7 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL

2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MSWindows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

ACCESS CONTROL

2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higherCIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

ACCESS CONTROL

5.1 Ensure 'Bluetooth Support Service (bthserv)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.7 Ensure 'Link-Layer Topology Discovery Mapper (lltdsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.11 Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.13 Ensure 'Peer Networking Identity Manager (p2pimsvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.17 Ensure 'Remote Desktop Configuration (SessionEnv)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.31 Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

6.2.2.4 Ensure system warns when audit logs are low on spaceCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

6.2.3.13 Ensure file deletion events by users are collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.2.3.19 Ensure kernel module loading unloading and modification is collectedCIS Amazon Linux 2 v4.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

9.3.1 Set SSH Protocol to 2CIS Debian Linux 7 L1 v1.0.0Unix

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOndomainCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - ProhibitLLTDIOOnPrivateNetCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.10.2 Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableInBand802DOT11RegistrarCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableUPnPRegistrarCIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.5.20.2 Ensure 'Prohibit access of the Windows Connect Now wizards' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2016 v4.0.0 L1 DCWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows Server 2025 v2.0.0 L1 MSWindows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled'CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.8.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

18.8.52.1.2 Ensure 'Enable Windows NTP Server' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.59.3.3.4 Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

CONFIGURATION MANAGEMENT

18.9.77.3.1 Ensure 'Join Microsoft MAPS' is set to 'Disabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

ACCESS CONTROL

19.7.45.2.1 Ensure 'Prevent Codec Download' is set to 'Enabled'CIS Windows 7 Workstation Level 2 v3.2.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Enable IKE Version 1/2 - groupTenable Cisco Viptela SD-WAN - vEdgeCisco_Viptela

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMicrosoft 365 Apps for Enterprise 2306 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Encryption type for password protected Office 97-2003 filesMSCT Office 365 ProPlus 1908 v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IBM i : Action When Sign-On Attempts Reached (QMAXSGNACN) - '3'IBM System i Security Reference for V7R3AS/400

ACCESS CONTROL

WN11-00-000085 - Standard local user accounts must not exist on a system in a domain.DISA Microsoft Windows 11 STIG v2r7Windows

CONFIGURATION MANAGEMENT