Item Search

Name	Audit Name	Plugin	Category
1.18 Set 'Maximum receive size - connector level' to '10240'	CIS Microsoft Exchange Server 2016 Hub v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
1.18 Set 'Maximum receive size - connector level' to '10240'	CIS Microsoft Exchange Server 2013 Hub v1.1.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
2.2.29 Ensure 'Deny log on locally' to include 'Guests, Enterprise Admins group, and Domain Admins group' (STIG MS only)	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	ACCESS CONTROL
2.2.33 Ensure 'Deny log on locally' to include 'Guests, Enterprise Admins group, and Domain Admins group' (STIG MS only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	ACCESS CONTROL
5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	CONFIGURATION MANAGEMENT
18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2022 v4.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 MS	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows 11 Stand-alone v4.0.0 L1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled'	CIS Microsoft Windows Server 2025 v1.0.0 L1 DC	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS'	CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC	Windows	SYSTEM AND INFORMATION INTEGRITY
20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' (STIG only)	CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS	Windows	SYSTEM AND INFORMATION INTEGRITY
Default Protections for Popular Software - Chrome	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - iTunes	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - mIRC	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Thunderbird	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - WindowsMediaPlayer	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Popular Software - Winzip64	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - jre6_java	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - jre6_javaws	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Publisher	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Default Protections for Recommended Software - Wordpad	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	CONFIGURATION MANAGEMENT
Deny log on through Remote Desktop Services	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Do not display network selection UI	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Domain member: Digitally encrypt or sign secure channel data (always)	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Domain member: Disable machine account password changes	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Enable screen saver	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Microsoft network client: Digitally sign communications (always)	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Minimum password length	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Network access: Do not allow anonymous enumeration of SAM accounts and shares	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Network access: Let Everyone permissions apply to anonymous users	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Network access: Restrict anonymous access to Named Pipes and Shares	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Replace a process level token	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Sign-in last interactive user automatically after a system-initiated restart	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	IDENTIFICATION AND AUTHENTICATION
Specify the maximum log file size (KB) - Application	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Specify the maximum log file size (KB) - Security	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	AUDIT AND ACCOUNTABILITY
Turn off toast notifications on the lock screen	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	ACCESS CONTROL
Turn on Windows Defender protection against Potentially Unwanted Applications	MSCT Windows 10 1803 v1.0.0	Windows	SYSTEM AND INFORMATION INTEGRITY
User Account Control: Virtualize file and registry write failures to per-user locations	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
Windows Firewall: Protect all network connections	MSCT Windows Server 2012 R2 MS v1.0.0	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
WN12-00-000100 - The Windows 2012 / 2012 R2 system must use an anti-virus program.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	CONFIGURATION MANAGEMENT
WN12-SO-000042 - IPSec Exemptions must be limited.	DISA Windows Server 2012 and 2012 R2 DC STIG v3r7	Windows	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search