Item Search

Name	Audit Name	Plugin	Category
1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.10 (L1) Ensure 'Back up files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.13 (L1) Ensure 'Create a pagefile' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.14 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.22 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.28 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.36 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.39 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.41 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.42 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.1.2 (L1) Ensure 'Accounts: Guest account status' is set to 'Disabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.1.5 (L1) Configure 'Accounts: Rename guest account'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.4.2 (L1) Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.6.3 (L1) Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.8 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.9.3 (L1) Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
2.3.10.12 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.11.5 (L1) Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.1.8 (L1) Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.6 (L1) Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.3.8 (L1) Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.2.5 (L1) Ensure 'Audit Security Group Management' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.5.2 (L1) Ensure 'Audit Logoff' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.2.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.3.1 (L1) Ensure 'Apply UAC restrictions to local accounts on network logons' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.3.5 (L1) Ensure 'Enable Structured Exception Handling Overwrite Protection (SEHOP)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.3.7 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.4.5 (L2) Ensure 'MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds' is set to 'Enabled: 300,000 or 5 minutes (recommended)'	CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.12 (L1) Ensure 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' is set to 'Enabled: 90% or less'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.5.14.1 (L1) Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.8.34.6.1 (L1) Ensure 'Require a password when a computer wakes (on battery)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.25.2 (L1) Ensure 'Default Action and Mitigation Settings' is set to 'Enabled' (plus subsettings)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.27.3.1 (L1) Ensure 'Setup: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.47.15 (L1) Ensure 'Turn off Microsoft Defender AntiVirus' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.65.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.90.2 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.102.2.1 (L1) Ensure 'Allow Basic authentication' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.102.2.3 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
19.1.3.1 (L1) Ensure 'Enable screen saver' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.1.3.3 (L1) Ensure 'Password protect the screen saver' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.1.3.4 (L1) Ensure 'Screen saver timeout' is set to 'Enabled: 900 seconds or fewer, but not 0'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
19.7.43.1 (L1) Ensure 'Always install with elevated privileges' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL

Detections

Analytics

Item Search