Item Search

Name	Audit Name	Plugin	Category
1.1.4.1.4 Ensure 'Disable user name and password' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
1.1.4.1.6 Ensure 'Local Machine Zone Lockdown Security' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
1.1.4.1.13 Ensure 'Saved from URL' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.5.1 Ensure Syslog Logging is configured	CIS Cisco NX-OS v1.2.0 L2	Cisco	AUDIT AND ACCOUNTABILITY
1.5.2 Log all Successful and Failed Administrative Logins	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.1.1.3.2.1.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.1.4.1 Ensure 'Default file format' is set to 'Enabled: Access 2007'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.1.5.1 Ensure 'Modal Trust Decision Only' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2 Alter the Advertised server.number String	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.2.4.7.2.1.2 Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.4.7.2.2.1 Ensure 'dBase III /IV files' is set to 'Enable: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.6 Ensure 'Excel 3 worksheets' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.8 Ensure 'Excel 4 workbooks' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.2.11 Ensure 'Excel 95-97 workbooks and templates' is set to 'Enabled: Open/Save Blocked, Use Open Policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.3.3 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.4.7.2.3.4 Ensure 'Set document behavior if file validation fails' is set to 'Enabled: Open in Protected View'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.4.7.2.4.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.2.4.7.2.7 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.9 Ensure 'Macro Notification Settings' is set to 'Require macros to be signed by a trusted publisher'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.10 Ensure 'Prevent Excel from running XLM macros' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.2.12 Ensure 'Store macro in Personal Macro Workbook by default' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.2.4.7.6 Ensure 'WEBSERVICE Function Notification Settings' is set to 'Enabled: Disable all without notification'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.18.2 Ensure 'Always expand groups in Office when restricting permission for documents' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.3.27.11 Ensure 'Disable password to open UI' is set to 'Disabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.11.8.3.1 Ensure 'Hidden text' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT
2.11.8.7.2.1.1 Ensure 'Set default file block behavior' is set to 'Enabled: Blocked files are not opened'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.1.5 Ensure 'Word 2007 and later binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.1.6 Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY
2.11.8.7.2.8 Ensure 'Scan encrypted macros in Word Open XML Documents' to 'Enabled: Scan encrypted macros (default)'	CIS Microsoft Office Enterprise v1.2.0 L1	Windows	SYSTEM AND INFORMATION INTEGRITY
3.1.2.2 If Possible, Limit the BGP Routes Accepted from Peers	CIS Cisco NX-OS v1.2.0 L2	Cisco	CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.1.2.3 Configure BGP Authentication	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION
3.1.3.2 Authenticate OSPF peers with MD5 authentication keys	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
3.2 Disable the Shutdown port	CIS Apache Tomcat 9 L2 v1.2.0	Unix	SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION
3.3.2 Configure Storm Control	CIS Cisco NX-OS v1.2.0 L2	Cisco	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, INCIDENT RESPONSE, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privileges	CIS MongoDB 6 v1.2.0 L1 MongoDB	MongoDB	ACCESS CONTROL
3.5 Review Superuser/Admin Roles	CIS MongoDB 6 v1.2.0 L2 MongoDB	MongoDB	ACCESS CONTROL
3.5 Review Superuser/Admin Roles - userAdminAnyDatabase	CIS MongoDB 5 L2 DB v1.2.0	MongoDB	ACCESS CONTROL
3.5.1 Basic Fiber Channel Configuration	CIS Cisco NX-OS v1.2.0 L2	Cisco	ACCESS CONTROL, CONFIGURATION MANAGEMENT
4.4 Restrict access to Tomcat logs directory	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
4.5 Ensure Encryption of Data at Rest	CIS MongoDB 6 v1.2.0 L2 MongoDB	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
4.9 Restrict access to Tomcat catalina.policy	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
6.2 Ensure SSLEnabled is set to True for Sensitive Connectors - verify SSLEnabled is set to true	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
6.2 Ensure that operating system resource limits are set for MongoDB	CIS MongoDB 6 v1.2.0 L2 MongoDB	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application	CIS Apache Tomcat 9 L1 v1.2.0	Unix	AUDIT AND ACCOUNTABILITY
8.1 Restrict runtime access to sensitive packages	CIS Apache Tomcat 9 L1 v1.2.0	Unix	ACCESS CONTROL, MEDIA PROTECTION
10.3 Restrict manager application	CIS Apache Tomcat 9 L2 v1.2.0	Unix	ACCESS CONTROL
10.9 Configure connectionTimeout	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
10.10 Configure maxHttpHeaderSize	CIS Apache Tomcat 9 L2 v1.2.0	Unix	ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

Detections

Analytics

Item Search