Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.4.1.4 Ensure 'Disable user name and password' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

1.1.4.1.6 Ensure 'Local Machine Zone Lockdown Security' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

1.1.4.1.13 Ensure 'Saved from URL' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

1.5.1 Ensure Syslog Logging is configuredCIS Cisco NX-OS v1.2.0 L2Cisco

AUDIT AND ACCOUNTABILITY

1.5.2 Log all Successful and Failed Administrative LoginsCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

2.1.1.3.2.1.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.1.4.1 Ensure 'Default file format' is set to 'Enabled: Access 2007'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.1.5.1 Ensure 'Modal Trust Decision Only' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.2 Alter the Advertised server.number StringCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.2.1 Ensure 'dBase III /IV files' is set to 'Enable: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.2.6 Ensure 'Excel 3 worksheets' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.2.8 Ensure 'Excel 4 workbooks' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.2.11 Ensure 'Excel 95-97 workbooks and templates' is set to 'Enabled: Open/Save Blocked, Use Open Policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.3.3 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.3.4 Ensure 'Set document behavior if file validation fails' is set to 'Enabled: Open in Protected View'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4.7.2.4.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.2.4.7.2.7 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.9 Ensure 'Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.10 Ensure 'Prevent Excel from running XLM macros' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.2.12 Ensure 'Store macro in Personal Macro Workbook by default' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.2.4.7.6 Ensure 'WEBSERVICE Function Notification Settings' is set to 'Enabled: Disable all without notification'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.11.8.3.1 Ensure 'Hidden text' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT

2.11.8.7.2.1.1 Ensure 'Set default file block behavior' is set to 'Enabled: Blocked files are not opened'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.1.5 Ensure 'Word 2007 and later binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.1.6 Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'CIS Microsoft Office Enterprise v1.2.0 L1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY

2.11.8.7.2.8 Ensure 'Scan encrypted macros in Word Open XML Documents' to 'Enabled: Scan encrypted macros (default)'CIS Microsoft Office Enterprise v1.2.0 L1Windows

SYSTEM AND INFORMATION INTEGRITY

3.1.2.2 If Possible, Limit the BGP Routes Accepted from PeersCIS Cisco NX-OS v1.2.0 L2Cisco

CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.2.3 Configure BGP AuthenticationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION

3.1.3.2 Authenticate OSPF peers with MD5 authentication keysCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.2 Disable the Shutdown portCIS Apache Tomcat 9 L2 v1.2.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.3.2 Configure Storm ControlCIS Cisco NX-OS v1.2.0 L2Cisco

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, INCIDENT RESPONSE, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privilegesCIS MongoDB 6 v1.2.0 L1 MongoDBMongoDB

ACCESS CONTROL

3.5 Review Superuser/Admin RolesCIS MongoDB 6 v1.2.0 L2 MongoDBMongoDB

ACCESS CONTROL

3.5 Review Superuser/Admin Roles - userAdminAnyDatabaseCIS MongoDB 5 L2 DB v1.2.0MongoDB

ACCESS CONTROL

3.5.1 Basic Fiber Channel ConfigurationCIS Cisco NX-OS v1.2.0 L2Cisco

ACCESS CONTROL, CONFIGURATION MANAGEMENT

4.4 Restrict access to Tomcat logs directoryCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.5 Ensure Encryption of Data at RestCIS MongoDB 6 v1.2.0 L2 MongoDBWindows

SYSTEM AND COMMUNICATIONS PROTECTION

4.9 Restrict access to Tomcat catalina.policyCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.12 Restrict access to Tomcat server.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

4.14 Restrict access to Tomcat web.xmlCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to trueCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.2 Ensure that operating system resource limits are set for MongoDBCIS MongoDB 6 v1.2.0 L2 MongoDBWindows

SYSTEM AND COMMUNICATIONS PROTECTION

7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web applicationCIS Apache Tomcat 9 L1 v1.2.0Unix

AUDIT AND ACCOUNTABILITY

8.1 Restrict runtime access to sensitive packagesCIS Apache Tomcat 9 L1 v1.2.0Unix

ACCESS CONTROL, MEDIA PROTECTION

10.3 Restrict manager applicationCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL

10.9 Configure connectionTimeoutCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

10.10 Configure maxHttpHeaderSizeCIS Apache Tomcat 9 L2 v1.2.0Unix

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION