Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4.1.2 Ensure 'Bind to object' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.4.1.10 Ensure 'Protection From Zone Elevation' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

1.1.4.1.11 Ensure 'Restrict ActiveX Install' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.1.4.1.12 Ensure 'Restrict File Download' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

1.1.4.1.14 Ensure 'Scripted Window Security Restrictions' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

1.3.1 Pre-authentication BannerCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.4.1 Enable Password Complexity Requirements for Local CredentialsCIS Cisco NX-OS v1.2.0 L1Cisco

IDENTIFICATION AND AUTHENTICATION

1.7.2 Disable iPXE (Pre-boot eXecution Environment)CIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

1.8 (L2) Host integrated hardware management controller must secure authenticationCIS VMware ESXi 8.0 v1.2.0 L2VMware

ACCESS CONTROL

1.9.3 Configure source interface for SNMP TrapsCIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT

1.9.4 Ensure Read Write privileges are not configured for SNMPCIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT, MAINTENANCE

1.10 (L2) Host hardware must enable Intel SGX, if availableCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

1.12 (L2) Host integrated hardware management controller must deactivate internal networkingCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT

2.1.1.4.1.1 Ensure 'Underline hyperlinks' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.5 (L1) Host must only run binaries delivered via signed VIBCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.9 (L1) Host must not suppress warnings about unmitigated hyperthreading vulnerabilitiesCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

2.10 (L1) Host must restrict inter-VM transparent page sharingCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

2.11.8.7.2.1.2 Ensure 'Word 2 and earlier binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.1.7 Ensure 'Word 95 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.2.3 Ensure 'Set document behavior if file validation fails' is set to 'Enabled: Open in Protected View'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.11.8.7.2.10 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

3.1.3.1 Set Interfaces with no Peers to Passive-InterfaceCIS Cisco NX-OS v1.2.0 L1Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.4.2 Create and use a single Loopback Address for Routing Protocol PeeringCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.1.4.3 Use Unicast Routing Protocols OnlyCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

3.2.5 Disable IP Source-RoutingCIS Cisco NX-OS v1.2.0 L1Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 (L1) Host must deactivate SLPCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.4.1 Configure LLDPCIS Cisco NX-OS v1.2.0 L1Cisco

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.4.2 Configure CDPCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5 (L1) Host must deactivate CIMCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.6 (L1) Host should deactivate SNMPCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

3.25 (L1) Host must display a login banner for SSH connectionsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

4.4 (L1) Host must set the logging informational level to infoCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY

4.11 (L1) Host must use strict x509 verification for TLS-enabled remote logging endpointsCIS VMware ESXi 8.0 v1.2.0 L1VMware

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

5.3 (L1) Host must restrict use of the dvFilter network APICIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groupsCIS VMware ESXi 8.0 v1.2.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.9 (L1) Host must restrict access to a default or native VLAN on standard virtual switchesCIS VMware ESXi 8.0 v1.2.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.10 (L1) Host must restrict the use of Virtual Guest Tagging (VGT) on standard virtual switchesCIS VMware ESXi 8.0 v1.2.0 L1VMware

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2.1 (L1) Host must isolate storage communicationsCIS VMware ESXi 8.0 v1.2.0 L1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

6.5.1 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated ciphersCIS VMware ESXi 8.0 v1.2.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.5.2 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated cryptographic modulesCIS VMware ESXi 8.0 v1.2.0 L1Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.5.3 (L1) Host SSH daemon, if enabled, must not allow use of gateway portsCIS VMware ESXi 8.0 v1.2.0 L1Unix

CONFIGURATION MANAGEMENT

6.5.6 (L1) Host SSH daemon, if enabled, must set a timeout interval on idle sessionsCIS VMware ESXi 8.0 v1.2.0 L1Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.5.9 (L1) Host SSH daemon, if enabled, must disable stream local forwardingCIS VMware ESXi 8.0 v1.2.0 L1Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.5.12 (L1) Host SSH daemon, if enabled, must not permit user environment settingsCIS VMware ESXi 8.0 v1.2.0 L1Unix

CONFIGURATION MANAGEMENT, MAINTENANCE

7.7 (L1) Virtual machines must limit PCI/PCIe device passthrough functionalityCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

7.11 (L1) Virtual machines must remove unnecessary AHCI devicesCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

7.19 (L1) Virtual machines must deactivate console paste operationsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8.4 (L2) VMware Tools on deployed virtual machines must prevent being recustomizedCIS VMware ESXi 8.0 v1.2.0 L2VMware

CONFIGURATION MANAGEMENT, MAINTENANCE

8.12 (L1) VMware Tools must limit the use of MSI transforms when reconfiguring VMware ToolsCIS VMware ESXi 8.0 v1.2.0 L1VMware

CONFIGURATION MANAGEMENT

8.13 (L1) VMware Tools must enable VMware Tools loggingCIS VMware ESXi 8.0 v1.2.0 L1VMware

AUDIT AND ACCOUNTABILITY