Item Search

Name	Audit Name	Plugin	Category
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Windows Server 2012 R2 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.8 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators' (DC only)	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.9 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.11.1.3 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Allow data recovery agent' is set to 'Enabled: True'	CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker	Windows	ACCESS CONTROL, CONTINGENCY PLANNING
18.9.11.1.5 Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.1.10 Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.13 Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.2.13 Ensure 'Require additional authentication at startup: Configure TPM startup:' is set to 'Enabled: Do not allow TPM'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.4 Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password'	CIS Windows 7 Workstation Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.10 Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.11.3.11 Ensure 'Configure use of smart cards on removable data drives' is set to 'Enabled'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.1.6 (L1) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.9.3.14 (L1) Ensure 'Deny write access to removable drives not protected by BitLocker' is set to 'Enabled'	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	MEDIA PROTECTION
18.10.10.1.6 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.10.10.3.2 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL	Windows	MEDIA PROTECTION
18.10.10.3.2 Ensure 'Choose how BitLocker-protected removable drives can be recovered' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v5.0.1 BL	Windows	MEDIA PROTECTION
18.10.10.3.6 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'	CIS Microsoft Windows 10 Enterprise v4.0.0 BL	Windows	MEDIA PROTECTION
18.10.10.3.14 Ensure 'Deny write access to removable drives not protected by BitLocker' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v5.0.1 BL	Windows	MEDIA PROTECTION
Default Protections for Popular Software - mIRC	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Winzip	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Access	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Acrobat	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - jre6_java	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - jre6_javaw	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - jre7_javaw	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Visio	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - VisioViewer	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Deny log on as a service	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Interactive logon: Do not display last user name	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Load and unload device drivers	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Maximum password age	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Microsoft network client: Digitally sign communications (if server agrees)	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Microsoft network server: Amount of idle time required before suspending session	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Minimum password age	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Minimum password length	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Network access: Allow anonymous SID/Name translation	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Network access: Remotely accessible registry paths	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Network access: Remotely accessible registry paths and subpaths	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Network access: Sharing and security model for local accounts	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Network security: Do not store LAN Manager hash value on next password change	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Prevent enabling lock screen camera	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Reset lockout counter after	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Turn off Autoplay	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
User Account Control: Behavior of the elevation prompt for standard users	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
User Account Control: Only elevate UIAccess applications that are installed in secure locations	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Windows Firewall: Prohibit unicast response to multicast or broadcast requests	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search