Item Search

NameAudit NamePluginCategory
1.13.3.3.1.1 Ensure 'Configure Trusted Add-ins' to 'Disabled'CIS Microsoft Office Outlook 2013 v1.1.0 Level 1Windows

CONFIGURATION MANAGEMENT

2.2.20 Ensure 'Create symbolic links' is set to 'Administrators, NT VIRTUAL MACHINE\Virtual Machines' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

ACCESS CONTROL

2.2.21 Ensure 'Create symbolic links' is set to 'Administrators, NT VIRTUAL MACHINE\Virtual Machines' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

ACCESS CONTROL

2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)CIS Windows Server 2012 MS L1 v3.0.0Windows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2022 v3.0.0 L1 Member ServerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows Server 2012 R2 MS L1 v3.0.0Windows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.11.7 Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2016 Database L1 AWS RDS v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2016 Database L1 DB v1.4.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2017 Database L1 DB v1.3.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure Windows BUILTIN groups are not SQL LoginsCIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

ACCESS CONTROL, MEDIA PROTECTION

5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is ConfiguredCIS Apple macOS 11.0 Big Sur v4.0.0 L2Unix

IDENTIFICATION AND AUTHENTICATION

18.9.19.2 (L1) Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.19.2 (L1) Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.19.2 (L1) Ensure 'Turn Off user-installed desktop gadgets' is set to 'Enabled'CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L1) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 NGWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BLWindows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.15.2 Ensure 'Allow Diagnostic Data' is set to 'Enabled: Send required diagnostic data' or 'Enabled: Send optional diagnostic data' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MSWindows

CONFIGURATION MANAGEMENT

18.10.15.2 Ensure 'Allow Diagnostic Data' is set to 'Enabled: Send required diagnostic data' or 'Enabled: Send optional diagnostic data' (STIG only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

CONFIGURATION MANAGEMENT

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NGWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.28.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

SYSTEM AND INFORMATION INTEGRITY

18.10.58.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.58.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.58.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.58.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.58.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

18.10.58.2 (L1) Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION