1.1.3.11.1 Set 'Network security: Do not store LAN Manager hash value on next password change' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
1.1.3.11.11 Set 'Network security: LAN Manager authentication level' to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.3 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.5 Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.5 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure permissions on /etc/passwd are configured | CIS Oracle Linux 6 Workstation L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure permissions on /etc/passwd are configured | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure permissions on /etc/passwd are configured | CIS CentOS Linux 8 Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure permissions on /etc/passwd are configured | CIS Red Hat 6 Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure permissions on /etc/passwd are configured | CIS Red Hat 6 Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.2 Ensure permissions on /etc/passwd are configured | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.3 Ensure permissions on /etc/shadow are configured | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.3 Ensure permissions on /etc/shadow are configured | CIS Amazon Linux 2 v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.3 Ensure permissions on /etc/shadow are configured | CIS Oracle Linux 6 Workstation L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.4 Ensure permissions on /etc/group are configured | CIS CentOS Linux 8 Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.4 Ensure permissions on /etc/group are configured | CIS Ubuntu Linux 16.04 LTS Server L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.4 Ensure permissions on /etc/group are configured | CIS Red Hat EL8 Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.4 Ensure permissions on /etc/group are configured | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.4 Ensure permissions on /etc/group are configured | CIS Red Hat 6 Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.5 Ensure permissions on /etc/gshadow are configured | CIS SUSE Linux Enterprise Workstation 12 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.5 Ensure permissions on /etc/gshadow are configured | CIS Red Hat EL7 Workstation L1 v3.0.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.5 Ensure permissions on /etc/gshadow are configured | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.1.5 Ensure permissions on /etc/gshadow are configured | CIS Oracle Linux 6 Workstation L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
6.2 Verify passwd, master.passwd, and group file permissions (/etc/group) | CIS FreeBSD v1.0.5 | Unix | IDENTIFICATION AND AUTHENTICATION |
12.3 Verify Permissions on /etc/group | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
12.4 Verify User/Group Ownership on /etc/passwd | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
12.4 Verify User/Group Ownership on /etc/passwd | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
12.5 Verify User/Group Ownership on /etc/shadow | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
12.6 Verify User/Group Ownership on /etc/group | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows 10 v21H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows Server 2019 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows Server v1909 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows 10 v1511 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows 10 1607 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: Do not store LAN Manager hash value on next password change | MSCT Windows 10 v1703 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows 10 v1703 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows 10 1803 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows Server 2016 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows Server v20H2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows Server v1909 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
Network security: LAN Manager authentication level | MSCT Windows 10 1607 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
PCI 2.2.3/2.2.3.b/2.2.3.c/8.4 Verify common security parameter settings - Do not store LAN Manager password hash value next password change | PCI v2.0/v3.0 Windows Best Practices | Windows | IDENTIFICATION AND AUTHENTICATION |
PCI 2.2.4 Verify common security parameter settings - Check '/etc/group' file permissions. | PCI DSS 2.0/3.0 - Solaris 10 | Unix | IDENTIFICATION AND AUTHENTICATION |
PCI 8.1.2 - Control addition, deletion, and modification of user IDs - Permissions and Ownership - '/etc/group root:security 644' | PCI DSS 2.0/3.0 - AIX | Unix | IDENTIFICATION AND AUTHENTICATION |