Item Search

Name	Audit Name	Plugin	Category
2.2.4 (L1) Ensure 'Act as part of the operating system' is set to 'No One'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.6 (L1) Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.11 (L1) Ensure 'Change the system time' is set to 'Administrators, LOCAL SERVICE'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.12 (L1) Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.14 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.14 (L1) Ensure 'Create a token object' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.15 (L1) Ensure 'Create global objects' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.16 (L1) Ensure 'Create permanent shared objects' is set to 'No One'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.16 (L1) Ensure 'Create permanent shared objects' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.18 (L1) Ensure 'Create symbolic links' is set to 'Administrators, NT VIRTUAL MACHINE\Virtual Machines' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.20 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.21 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account and member of Administrators group' (MS only)	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.23 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.23 (L1) Ensure 'Deny log on as a service' to include 'Guests'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.24 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.29 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only)	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.31 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only)	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.33 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.33 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.33 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.34 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.35 (L1) Ensure 'Lock pages in memory' is set to 'No One'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.35 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.36 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.2.37 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only)	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.39 (L1) Ensure 'Modify an object label' is set to 'No One'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.39 (L1) Ensure 'Profile single process' is set to 'Administrators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.40 (L1) Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.41 (L1) Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	CIS Windows Server 2012 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.41 (L1) Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.43 (L1) Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.2.43 (L1) Ensure 'Shut down the system' is set to 'Administrators, Backup Operators'	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS	Windows	ACCESS CONTROL
2.2.44 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1	Windows	ACCESS CONTROL
2.2.45 (L1) Ensure 'Restore files and directories' is set to 'Administrators'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.46 (L1) Ensure 'Shut down the system' is set to 'Administrators'	CIS Windows Server 2012 R2 MS L1 v3.0.0	Windows	ACCESS CONTROL
2.2.47 (L1) Ensure 'Synchronize directory service data' is set to 'No One' (DC only)	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured	CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1	Windows	ACCESS CONTROL
2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured	CIS Microsoft Windows 10 Enterprise v3.0.0 L1	Windows	ACCESS CONTROL
2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured	CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC	Windows	ACCESS CONTROL
2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured	CIS Windows Server 2012 DC L1 v3.0.0	Windows	ACCESS CONTROL
2.9 Ensure SNS Topics do not Allow Everyone To Publish	CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0	amazon_aws	ACCESS CONTROL
5.1.2 Check System Wide Applications for appropriate permissions	CIS Apple macOS 10.13 L1 v1.1.0	Unix	ACCESS CONTROL

Detections

Analytics

Item Search