Item Search

NameAudit NamePluginCategory
1.18 Set 'Maximum receive size - connector level' to '10240'CIS Microsoft Exchange Server 2016 Hub v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

18.9.65.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1Windows

CONFIGURATION MANAGEMENT

18.10.9.1.2 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered' is set to 'Enabled'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.6 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NGWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.1.6 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.9.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BLWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.1.6 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.2.7 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Omit recovery options from the BitLocker setup wizard' is set to 'Enabled: True'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

SYSTEM AND COMMUNICATIONS PROTECTION

18.10.10.3.14 (BL) Ensure 'Deny write access to removable drives not protected by BitLocker' is set to 'Enabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLockerWindows

MEDIA PROTECTION

18.10.56.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2019 v3.0.1 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.56.3.2.1 Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.56.3.2.1 Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MSWindows

CONFIGURATION MANAGEMENT

18.10.56.3.2.1 Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member ServerWindows

CONFIGURATION MANAGEMENT

18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled'CIS Windows Server 2012 R2 MS L2 v3.0.0Windows

CONFIGURATION MANAGEMENT

Accounts: Limit local account use of blank passwords to console logon onlyMSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Allow Microsoft accounts to be optionalMSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Audit LogoffMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Audit Process CreationMSCT Windows Server 2012 R2 MS v1.0.0Windows

AUDIT AND ACCOUNTABILITY

Change the system timeMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

CNTR-R2-000110 The Kubernetes Kubelet must have anonymous authentication disabled.DISA Rancher Government Solutions RKE2 STIG v2r2Unix

ACCESS CONTROL

CNTR-R2-000120 The Kubernetes API server must have the insecure port flag disabled.DISA Rancher Government Solutions RKE2 STIG v2r2Unix

ACCESS CONTROL

Create a token objectMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Default Protections for Popular Software - 7zMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - FirefoxPluginContainerMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - FoxitReaderMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - LiveWriterMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - OperaMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - SkypeMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - UnRARMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Popular Software - WinzipMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Default Protections for Recommended Software - LyncMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Deny access to this computer from the networkMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Deny log on as a serviceMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Domain member: Digitally sign secure channel data (when possible)MSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Enable computer and user accounts to be trusted for delegationMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Increase scheduling priorityMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Interactive logon: Machine inactivity limitMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Lock pages in memoryMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Manage auditing and security logMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Microsoft network server: Amount of idle time required before suspending sessionMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Microsoft network server: Digitally sign communications (always)MSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Modify firmware environment valuesMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Network access: Remotely accessible registry pathsMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Network security: Force logoff when logon hours expireMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Password must meet complexity requirementMSCT Windows Server 2012 R2 MS v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

Perform volume maintenance tasksMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Prevent enabling lock screen cameraMSCT Windows Server 2012 R2 MS v1.0.0Windows

CONFIGURATION MANAGEMENT

Shut down the systemMSCT Windows Server 2012 R2 MS v1.0.0Windows

ACCESS CONTROL

Turn off AutoplayMSCT Windows Server 2012 R2 MS v1.0.0Windows

SYSTEM AND COMMUNICATIONS PROTECTION

Turn on Windows Defender protection against Potentially Unwanted ApplicationsMSCT Windows 10 1803 v1.0.0Windows

SYSTEM AND INFORMATION INTEGRITY