Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.3.11.6 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

IDENTIFICATION AND AUTHENTICATION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 11 Stand-alone v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled'CIS Windows Server 2012 DC L1 v3.0.0Windows

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.19.2 (L1) Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.19.2 (L1) Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Windows Server 2012 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2016 v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DCWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Domain ControllerWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT

18.10.17.4 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

CONFIGURATION MANAGEMENT

18.10.17.4 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2019 v3.0.1 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.17.4 Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain ControllerWindows

CONFIGURATION MANAGEMENT

18.10.17.4 Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NGWindows

CONFIGURATION MANAGEMENT

20.62 Ensure 'Telnet Client is not installed'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

20.62 Ensure 'Telnet Client is not installed'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.62 Ensure 'Telnet Client is not installed'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

20.62 Ensure 'Telnet Client is not installed' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

49.24 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send LM and NTLMv2 responses only. Refuse LM and NTLM'CIS Microsoft Intune for Windows 10 v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

49.24 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send LM and NTLMv2 responses only. Refuse LM and NTLM'CIS Microsoft Intune for Windows 11 v4.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Configure SMB v1 serverMSCT Windows 10 1809 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 10 1903 v1.19.9Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows Server 2022 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 10 v21H1 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 10 v21H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 11 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows Server 1903 MS v1.19.9Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows Server v2004 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows Server v2004 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 10 1909 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 10 v2004 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 11 v24H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows Server v1909 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 serverMSCT Windows 11 v22H2 v1.0.0Windows

CONFIGURATION MANAGEMENT

Configure SMB v1 server - SMB1MSCT Windows Server 2025 DC v1.0.0Windows

CONFIGURATION MANAGEMENT

Extended Protection for LDAP Authentication (Domain Controllers only)MSCT Windows Server 1903 DC v1.19.9Windows

CONFIGURATION MANAGEMENT

WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - RolesDISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION