Item Search

Name	Audit Name	Plugin	Category
1.17 Set 'Maximum send size - organization level' to '10240'	CIS Microsoft Exchange Server 2016 Hub v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)	CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.3.9.5 Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only)	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_failed_connections_threshold	CIS MySQL 5.6 Enterprise Database L1 v2.0.0	MySQLDB	ACCESS CONTROL
2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS	CIS MySQL 5.6 Community Database L1 v2.0.0	MySQLDB	ACCESS CONTROL
2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_min_connection_delay	CIS MySQL 5.6 Community Database L1 v2.0.0	MySQLDB	ACCESS CONTROL
2.15 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS	CIS MySQL 5.7 Enterprise Database L1 v2.0.0	MySQLDB	ACCESS CONTROL
2.15 Implement Connection Delays to Limit Failed Login Attempts - connection_control_min_connection_delay	CIS MySQL 5.7 Enterprise Database L1 v2.0.0	MySQLDB	ACCESS CONTROL
2.18 Implement Connection Delays to Limit Failed Login Attempts	CIS MySQL 8.0 Enterprise Database L1 v1.3.0	MySQLDB	ACCESS CONTROL
17.4.2 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
17.4.3 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only)	CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC	Windows	AUDIT AND ACCOUNTABILITY
18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 DC	Windows	ACCESS CONTROL
18.6.11.4 (L1) Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L1 MS	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller	Windows	ACCESS CONTROL
18.6.11.4 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS	Windows	ACCESS CONTROL
18.9.41.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.10.9.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.7 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Save BitLocker recovery information to AD DS for fixed data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.2.3 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG	Windows	MEDIA PROTECTION
18.10.9.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v3.0.0 BL	Windows	MEDIA PROTECTION
18.10.9.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL	Windows	MEDIA PROTECTION
18.10.9.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL	Windows	MEDIA PROTECTION
18.10.9.3.7 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Save BitLocker recovery information to AD DS for removable data drives' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG	Windows	MEDIA PROTECTION
18.10.9.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG	Windows	MEDIA PROTECTION
18.10.9.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 11 Enterprise v3.0.0 BL	Windows	MEDIA PROTECTION
18.10.9.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 BL	Windows	MEDIA PROTECTION
18.10.9.3.15 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker: Do not allow write access to devices configured in another organization' is set to 'Enabled: False'	CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL	Windows	MEDIA PROTECTION
18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v3.0.0 L2 Domain Controller	Windows	CONFIGURATION MANAGEMENT
18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.36.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 v3.0.1 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v2.0.0 L2 DC	Windows	CONFIGURATION MANAGEMENT
18.10.37.1 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2019 STIG v2.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.37.1 Ensure 'Turn off location' is set to 'Enabled'	CIS Microsoft Windows Server 2022 STIG v1.0.0 L2 MS	Windows	CONFIGURATION MANAGEMENT
18.10.37.2 (L2) Ensure 'Turn off location' is set to 'Enabled'	CIS Windows Server 2012 MS L2 v3.0.0	Windows	CONFIGURATION MANAGEMENT
Network security: LAN Manager authentication level	MSCT Windows 11 v24H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Network security: LAN Manager authentication level	MSCT Windows 10 1809 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Network security: LAN Manager authentication level	MSCT Windows 10 v21H2 v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Network security: LAN Manager authentication level	MSCT Windows Server v2004 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Network security: LAN Manager authentication level	MSCT Windows Server v20H2 DC v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
WDNS-AU-000006 - The Windows 2012 DNS Server logging must be enabled to record events from all DNS server functions.	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows	AUDIT AND ACCOUNTABILITY
WN22-MS-000030 - Windows Server 2022 local users on domain-joined member servers must not be enumerated.	DISA Windows Server 2022 STIG v2r2	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search