Item Search

Name	Audit Name	Plugin	Category
1.1.2 (L1) Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.18 (L1) Ensure 'Debug programs' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.34 (L2) Ensure 'Log on as a batch job' is set to 'Administrators' (DC Only)	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	ACCESS CONTROL
2.2.43 (L1) Ensure 'Shut down the system' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
2.3.9.4 (L1) Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
9.1.3 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.4 (L1) Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
9.2.6 (L1) Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
9.3.10 (L1) Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION
17.5.5 (L1) Ensure 'Audit Special Logon' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.6.2 (L1) Ensure 'Audit Other Object Access Events' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.7.5 (L1) Ensure 'Audit Other Policy Change Events' is set to include 'Failure'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
17.8.1 (L1) Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.2.6 (L1) Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION
18.3.4 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.4.2 (L1) Ensure 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' is set to 'Enabled: Highest protection, source routing is completely disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.6 (L1) Ensure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)')	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.21.1 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.5 (L2) Ensure 'Turn off Internet File Association service' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.22.1.6 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.8.37.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.16.1 (L1) Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
18.9.25.3 (L1) Ensure 'Default Protections for Internet Explorer' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY
18.9.27.2.1 (L1) Ensure 'Security: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.3.2 (L1) Ensure 'Setup: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.4.1 (L1) Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.27.4.2 (L1) Ensure 'System: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	AUDIT AND ACCOUNTABILITY
18.9.47.4.1 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
18.9.65.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.65.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.67.2 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND COMMUNICATIONS PROTECTION
18.9.102.1.2 (L1) Ensure 'Allow unencrypted traffic' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
18.9.103.1 (L2) Ensure 'Allow Remote Shell Access' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1	Windows	CONFIGURATION MANAGEMENT
18.9.108.1.4 (L1) Ensure 'Reschedule Automatic Updates scheduled installations' is set to 'Enabled: 1 minute'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.2.1 (L1) Ensure 'Configure Automatic Updates' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
18.9.108.2.2 (L1) Ensure 'Configure Automatic Updates: Scheduled install day' is set to '0 - Every day'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
19.7.4.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	CONFIGURATION MANAGEMENT
19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	SYSTEM AND INFORMATION INTEGRITY

Detections

Analytics

Item Search