Item Search

NameAudit NamePluginCategory
1.2 Ensure 'host headers' are on all sitesCIS IIS 7 L1 v1.8.0Windows

CONFIGURATION MANAGEMENT

1.4 Ensure 'application pool identity' is configured for all application poolsCIS IIS 7 L1 v1.8.0Windows

ACCESS CONTROL

1.4 Ensure that the underlying Internet Information Services (IIS) Authentication module is set to use Kerberos as its Auth ProviderCIS Microsoft SharePoint 2016 OS v1.1.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.4 Ensure that the underlying Internet Information Services (IIS) Authentication module is set to use Kerberos as its Authentication ProviderCIS Microsoft SharePoint 2019 OS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.28 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

AUDIT AND ACCOUNTABILITY

2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows Server 2012 MS L1 v3.0.0Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

AUDIT AND ACCOUNTABILITY

2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.34 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.36 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.40 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.40 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.40 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.41 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MSWindows

ACCESS CONTROL

2.2.41 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

ACCESS CONTROL

2.2.44 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Windows Server 2012 DC L1 v3.0.0Windows

ACCESS CONTROL

2.2.45 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.45 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2019 v3.0.1 L1 DCWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.45 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain ControllerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.45 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

2.2.52 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MSWindows

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

3.2 Ensure 'debug' is turned off - ApplicationsCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND INFORMATION INTEGRITY

3.3 Ensure custom error messages are not off - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.3 Ensure custom error messages are not off - DefaultCIS IIS 10 v1.2.1 Level 2Windows

SYSTEM AND SERVICES ACQUISITION

3.12 Ensure Server Header is removed - ApplicationsCIS IIS 10 v1.2.1 Level 2Windows

CONFIGURATION MANAGEMENT

3.12 Ensure Server Header is removed - DefaultCIS IIS 10 v1.2.1 Level 2Windows

CONFIGURATION MANAGEMENT

4.1 Ensure 'maxAllowedContentLength' is configuredCIS IIS 8.0 v1.5.1 Level 2Windows

SYSTEM AND INFORMATION INTEGRITY

4.1 Ensure 'maxAllowedContentLength' is configured - ApplicationsCIS IIS 7 L2 v1.8.0Windows

SYSTEM AND INFORMATION INTEGRITY

4.5 Configure Solaris Auditing - active audit policies = argv,cnt,zonenameCIS Solaris 11.1 L1 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.35 (L1) Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

CONFIGURATION MANAGEMENT

5.38 Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

CONFIGURATION MANAGEMENT

5.38 Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Windows 7 Workstation Level 1 v3.2.0Windows

CONFIGURATION MANAGEMENT

5.40 (L1) Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

5.41 (L1) Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

CONFIGURATION MANAGEMENT

5.41 (L1) Ensure 'World Wide Web Publishing Service (W3SVC)' is set to 'Disabled' or 'Not Installed'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

CONFIGURATION MANAGEMENT

8.3.4 (L1) Ensure standard processes are used for VM deploymentCIS VMware ESXi 7.0 v1.4.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

8.3.4 Ensure standard processes are used for VM deploymentCIS VMware ESXi 6.7 v1.3.0 Level 1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

ESXI-06-300040 - The VMM must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.DISA STIG VMware vSphere 6.x ESXi v1r5VMware

SYSTEM AND COMMUNICATIONS PROTECTION

EX19-MB-000007 - Exchange must use encryption for Outlook Web App (OWA) access.DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2Windows

ACCESS CONTROL

IIST-SV-000205 - The IIS 10.0 web server must enable HTTP Strict Transport Security (HSTS)DISA IIS 10.0 Server v2r10Windows

CONFIGURATION MANAGEMENT

IIST-SV-000205 - The IIS 10.0 web server must enable HTTP Strict Transport Security (HSTS) - HSTSDISA IIS 10.0 Server v3r2Windows

CONFIGURATION MANAGEMENT

IISW-SV-000136 - The IIS 8.5 web server must augment re-creation to a stable and known baseline.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN16-00-000430 - FTP servers must be configured to prevent anonymous logons.DISA Windows Server 2016 STIG v2r9Windows

CONFIGURATION MANAGEMENT

WN19-00-000420 - Windows Server 2019 FTP servers must be configured to prevent anonymous logons.DISA Windows Server 2019 STIG v3r2Windows

CONFIGURATION MANAGEMENT

WN22-00-000420 - Windows Server 2022 FTP servers must be configured to prevent anonymous logons.DISA Windows Server 2022 STIG v2r2Windows

CONFIGURATION MANAGEMENT