Item Search

Name	Audit Name	Plugin	Category
1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.2.12 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.13 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.20 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account and member of Administrators group' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.29 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
2.2.33 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.1.4 (L1) Configure 'Accounts: Rename administrator account'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.6.2 (L1) Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.7.5 (L2) Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.10.2 (L1) Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.11.2 (L1) Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.11.7 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.17.7 (L1) Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
9.1.7 (L1) Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.5 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.7 (L1) Ensure 'Windows Firewall: Private: Logging: Log dropped packets' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.2.8 (L1) Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.4 (L1) Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.7 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.4.2 (L1) Ensure 'Audit Directory Service Changes' is set to include 'Success' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.2 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.4.4 (L1) Ensure 'MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.8 (L1) Ensure 'MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.4.1 (L1) Ensure 'Configure DNS over HTTPS (DoH) name resolution' is set to 'Enabled: Allow DoH' or higher	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.8.22.1.4 (L1) Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.34.6.1 (L1) Ensure 'Require a password when a computer wakes (on battery)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.8.48.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.53.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.8.2 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	MEDIA PROTECTION
18.9.31.2 (L1) Ensure 'Turn off shell protocol protected mode' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
18.9.47.4.1 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.47.15 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows 8.1 v2.4.1 L1	Windows	IDENTIFICATION AND AUTHENTICATION
18.9.65.3.3.2 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.65.3.9.4 (L1) Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.65.3.9.5 (L1) Ensure 'Set client connection encryption level' is set to 'Enabled: High Level'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.65.3.10.1 (L2) Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	ACCESS CONTROL
18.9.66.1 (L1) Ensure 'Prevent downloading of enclosures' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.86.2.1 (L1) Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.90.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.102.2.2 (L2) Ensure 'Allow remote server management through WinRM' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.103.1 (L2) Ensure 'Allow Remote Shell Access' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
19.7.43.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search