Item Search

Name	Audit Name	Plugin	Category
1.1 Ensure 'Web content' is on non-system partition	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL
1.2 Ensure 'Host headers' are on all sites	CIS IIS 10 v1.2.1 Level 1	Windows	SYSTEM AND SERVICES ACQUISITION
1.5 Ensure 'unique application pools' is set for sites	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.1 Ensure 'global authorization rule' is set to restrict access	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, MEDIA PROTECTION
2.4 Ensure 'forms authentication' is set to use cookies	CIS IIS 8.0 v1.5.1 Level 2	Windows	CONFIGURATION MANAGEMENT
2.4 Ensure 'forms authentication' is set to use cookies - Application	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
2.4 Ensure 'forms authentication' is set to use cookies - Default	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
2.6 Ensure transport layer security for 'basic authentication' is configured	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.2 Ensure 'debug' is turned off - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - Applications	CIS IIS 10 v1.2.1 Level 1	Windows	SYSTEM AND SERVICES ACQUISITION
3.5 Ensure ASP.NET stack tracing is not enabled - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	SYSTEM AND SERVICES ACQUISITION
3.8 Ensure 'MachineKey validation method - .Net 3.5' is configured	CIS IIS 8.0 v1.5.1 Level 2	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
3.9 Ensure 'MachineKey validation method - .Net 4.5' is configured - Applications	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.11 Ensure X-Powered-By Header is removed - Applications	CIS IIS 10 v1.2.1 Level 2	Windows	CONFIGURATION MANAGEMENT
3.11 Ensure X-Powered-By Header is removed - Default	CIS IIS 10 v1.2.1 Level 2	Windows	CONFIGURATION MANAGEMENT
4.6 Ensure 'HTTP Trace Method' is disabled - Default	CIS IIS 10 v1.2.1 Level 1	Windows	SYSTEM AND SERVICES ACQUISITION
4.8 Ensure Handler is not granted Write and Script/Execute - Applications	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.8 Ensure Handler is not granted Write and Script/Execute - Default	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, AUDIT AND ACCOUNTABILITY
4.9 Ensure 'notListedIsapisAllowed' is set to false	CIS IIS 10 v1.2.1 Level 1	Windows	SYSTEM AND SERVICES ACQUISITION
4.10 Ensure 'notListedCgisAllowed' is set to false	CIS IIS 10 v1.2.1 Level 1	Windows	SYSTEM AND SERVICES ACQUISITION
6.1 Ensure FTP requests are encrypted	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Ensure FTP requests are encrypted - Control Channel Default	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Ensure FTP requests are encrypted - Control Channel Sites	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.1 Ensure FTP requests are encrypted - Data Channel Default	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.2 Ensure FTP Logon attempt restrictions is enabled - Deny By Failure Enabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
6.2 Ensure FTP Logon attempt restrictions is enabled - Deny IP Address	CIS IIS 8.0 v1.5.1 Level 1	Windows	AUDIT AND ACCOUNTABILITY
7.1 Ensure HSTS Header is set - Server	CIS IIS 10 v1.2.1 Level 2	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Ensure SSLv2 is disabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.3 Ensure SSLv3 is Disabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.4 Ensure TLS 1.0 is disabled	CIS IIS 8.0 v1.5.1 Level 2	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.4 Ensure TLS 1.0 is Disabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.5 Ensure TLS 1.1 is enabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.6 Ensure TLS 1.2 is Enabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.6 Ensure TLS 1.2 is enabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.7 Ensure NULL Cipher Suites is Disabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.7 Ensure NULL Cipher Suites is disabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.8 Ensure DES Cipher Suites is Disabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.8 Ensure DES Cipher Suites is disabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC2 Cipher Suites is disabled	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 40/128	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 56/128	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.9 Ensure RC4 Cipher Suites is Disabled - RC4 64/128	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.10 Ensure AES 128/128 Cipher Suite is Disabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.11 Ensure AES 256/256 Cipher Suite is Enabled	CIS IIS 10 v1.2.1 Level 1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
7.12 Ensure AES 128/128 Cipher Suite is configured	CIS IIS 8.0 v1.5.1 Level 1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.13 Ensure AES 256/256 Cipher Suite is enabled	CIS IIS 8.0 v1.5.1 Level 1	Windows
7.14 Ensure TLS Cipher Suite ordering is configured	CIS IIS 8.0 v1.5.1 Level 2	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
SP13-00-000150 - The SharePoint Central Administration site must not be accessible from Extranet or Internet connections.	DISA STIG SharePoint 2013 v2r3	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
SPLK-CL-000045 - Splunk Enterprise must use an SSO proxy service, F5 device, or SAML implementation to accept the DOD common access card (CAC) or other smart card credential for identity management, personal authentication, and multifactor authentication.	DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API	Splunk	IDENTIFICATION AND AUTHENTICATION

Detections

Analytics

Item Search