Detections
Analytics

Item Search

NameAudit NamePluginCategory
CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level I.CIS IIS 7 L1 v1.8.0Windows
CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level II.CIS IIS 7 L2 v1.8.0Windows
DTOO139 - The Save commands default file format must be configured.DISA STIG Microsoft Word 2016 v1r1Windows

CONFIGURATION MANAGEMENT

IIS is installedDISA STIG IIS 6.0 Server v6r16Windows
VMCH-65-000049 - Encryption must be enabled for vMotion on the virtual machine.DISA STIG VMware vSphere Virtual Machine 6.5 v2r2VMware

CONFIGURATION MANAGEMENT

VMCH-67-000024 - Encryption must be enabled for vMotion on the virtual machine.DISA STIG VMware vSphere 6.7 Virtual Machine v1r3VMware

CONFIGURATION MANAGEMENT

VMCH-70-000024 - Encryption must be enabled for vMotion on the virtual machine (VM).DISA STIG VMware vSphere 7.0 Virtual Machine v1r3VMware

CONFIGURATION MANAGEMENT

VMCH-80-000203 Virtual machines (VMs) must enable encryption for vMotion.DISA VMware vSphere 8.0 Virtual Machine STIG v2r1VMware

CONFIGURATION MANAGEMENT

VMWare vCenter and vSphere 6.0 Hardening GuideVMWare vSphere 6.0 Hardening GuideVMware
WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - 'global.asa'DISA STIG IIS 6.0 Site Checklist v6r16Windows

ACCESS CONTROL

WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server - permissionsDISA STIG IIS 6.0 Server v6r16Windows
WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server.DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - '.HTR scripting Disallowed'DISA STIG IIS 6.0 Site Checklist v6r16Windows

CONFIGURATION MANAGEMENT

WA000-WI080 IIS6 - The IIS Internet Printing Protocol must be disabled.DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WA000-WI090 IIS6 - Directory browsing must be disabled.DISA STIG IIS 6.0 Site Checklist v6r16Windows

CONFIGURATION MANAGEMENT

WA000-WI092 IIS6 - The IIS web site permissions 'Write' or 'Script Source' must not be selected. - 'Write permission check'DISA STIG IIS 6.0 Site Checklist v6r16Windows

ACCESS CONTROL

WA000-WI100 IIS6 - The File System Object component, if not required, must be disabled. - 'Scripting.FileSystemObject Check'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WA000-WI6010 IIS6 - The web site must have a unique application pool.DISA STIG IIS 6.0 Site Checklist v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6080 IIS6 - The AllowRestrictedChars registry key must be disabled.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND INFORMATION INTEGRITY

WA000-WI6082 - The EnableNonUTF8 registry entry is not set properly.DISA STIG IIS 6.0 Server v6r16Windows
WA000-WI6082 IIS6 - The EnableNonUTF8 registry key must be disabled.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND INFORMATION INTEGRITY

WA000-WI6086 IIS6 - The MaxFieldLength registry entry must be set properly.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6090 IIS6 - The UrlSegmentMaxLength registry entry must be set properly.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6094 IIS6 - The UriMaxUriBytes registry entry must be set properly.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6096 IIS6 - The UrlSegmentMaxCount registry entry must be set properly.DISA STIG IIS 6.0 Server v6r16Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WA120 IIS6 - Administrative users and groups with access privilege to the web server must be documented.DISA STIG IIS 6.0 Server v6r16Windows
WA155 IIS6 - Classified web servers must be afforded physical security commensurate with the classification of its content.DISA STIG IIS 6.0 Server v6r16Windows
WG050 IIS6 - The web server service password(s) must be entrusted to the SA or Web Manager.DISA STIG IIS 6.0 Server v6r16Windows
WG080 IIS6 - A compiler must not be installed on a production web server. - 'Lcc-win32.exe search'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG195 IIS6 - Anonymous access accounts must be restricted.DISA STIG IIS 6.0 Server v6r16Windows

ACCESS CONTROL

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\AdminScripts'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot\dropbox'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\mailroot'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\docs'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\images'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\ASP Compiled Templates'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\History'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\iisadmpwd'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\inetmgr.exe'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\oblt-rep.logDISA STIG IIS 6.0 Server v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv\oblt-undo.logDISA STIG IIS 6.0 Server v6r16Windows

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

WG385 IIS6 - All web server documentation, sample code, example applications, and tutorials must be removed. - 'Inetpub\AdminScripts'DISA STIG IIS 6.0 Server v6r16Windows

CONFIGURATION MANAGEMENT

WG440 IIS6 - Monitoring software must include CGI type files or equivalent programs.DISA STIG IIS 6.0 Server v6r16Windows
WG470 IIS6 - Wscript.exe and Cscript.exe must not be accessible by users other than the SA and Web Manager. - 'cscript.exe'DISA STIG IIS 6.0 Server v6r16Windows

ACCESS CONTROL

Word 6.0 binary documents and templatesMSCT M365 Apps for enterprise 2312 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Word 6.0 binary documents and templatesMSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY

Word 6.0 binary documents and templatesMSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY