Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1.9 - MobileIron - Enable 'Require encryption on the device'MobileIron - CIS Google Android 4 v1.0.0 L1MDM

ACCESS CONTROL

3.11.7.2.13 (BL) Ensure 'Require additional authentication at startup: Configure TPM startup key:' is set to 'Enabled: Do not allow startup key with TPM'CIS Microsoft Intune for Windows 11 v3.0.1 BitLocker (BL)Windows

ACCESS CONTROL

18.8.34.6.2 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.8.34.6.2 (BL) Ensure 'Allow standby states (S1-S3) when sleeping (plugged in)' is set to 'Disabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.12 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.1.13 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.2.13 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives: Use BitLocker software-based encryption when hardware encryption is not available' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.2.15 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives: Restrict crypto algorithms or cipher suites to the following:' is set to 'Enabled: 2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.9.11.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Enabled'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.3.11 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Use BitLocker software-based encryption when hardware encryption is not available' is set to 'Enabled: True'CIS Microsoft Windows 8.1 v2.4.1 L2 BitlockerWindows

ACCESS CONTROL

18.9.11.3.12 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives: Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' is set to 'Enabled: False'CIS Microsoft Windows 8.1 v2.4.1 L1 BitlockerWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

ACCESS CONTROL

18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

ACCESS CONTROL

18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

ACCESS CONTROL

18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v3.0.0 L2 + BitLockerWindows

ACCESS CONTROL

18.10.9.1.10 (BL) Ensure 'Configure use of hardware-based encryption for fixed data drives' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

ACCESS CONTROL

18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

ACCESS CONTROL

18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NGWindows

ACCESS CONTROL

18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BLWindows

ACCESS CONTROL

18.10.9.2.11 (BL) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

ACCESS CONTROL

18.10.9.2.11 (L1) Ensure 'Configure use of hardware-based encryption for operating system drives' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v3.0.0 L2 + BitLockerWindows

ACCESS CONTROL

18.10.9.2.13 (BL) Ensure 'Require additional authentication at startup' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NGWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 11 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.2.14 (BL) Ensure 'Require additional authentication at startup: Allow BitLocker without a compatible TPM' is set to 'Enabled: False'CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BLWindows

ACCESS CONTROL

18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NGWindows

ACCESS CONTROL

18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

ACCESS CONTROL

18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

ACCESS CONTROL

18.10.9.3.1 (L1) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

ACCESS CONTROL

18.10.9.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v3.0.0 BLWindows

ACCESS CONTROL

18.10.9.3.10 (BL) Ensure 'Configure use of hardware-based encryption for removable data drives' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 BLWindows

ACCESS CONTROL