800-53|SI-5

Title

SECURITY ALERTS, ADVISORIES, AND DIRECTIVES

Description

The organization:

Supplemental

The United States Computer Emergency Readiness Team (US-CERT) generates security alerts and advisories to maintain situational awareness across the federal government. Security directives are issued by OMB or other designated organizations with the responsibility and authority to issue such directives. Compliance to security directives is essential due to the critical nature of many of these directives and the potential immediate adverse effects on organizational operations and assets, individuals, other organizations, and the Nation should the directives not be implemented in a timely manner. External organizations include, for example, external mission/business partners, supply chain partners, external service providers, and other peer/supporting organizations.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: SI-2

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P1

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.3.7.1 Set 'Microsoft network client: Send unencrypted password to third-party SMB servers' to 'Disabled'	Windows	CIS Windows 8 L1 v1.0.0
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Attempt to clean	Windows	CIS Microsoft SharePoint 2019 OS v1.0.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Download Scan	Windows	CIS Microsoft SharePoint 2019 OS v1.0.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Upload Scan	Windows	CIS Microsoft SharePoint 2019 OS v1.0.0
18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 v3.2.0
18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0
18.9.77.7.1 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.77.7.1 Ensure 'Turn on behavior monitoring' is set to 'Enabled'	Windows	CIS Microsoft Windows 8.1 v2.4.1 L1
18.10.15.6 (L1) Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS
18.10.15.6 (L1) Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC
18.10.15.6 Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'	Windows	CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS
Microsoft network client: Send unencrypted password to third-party SMB servers	Windows	MSCT Windows Server 2022 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers	Windows	MSCT Windows Server 2019 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers	Windows	MSCT Windows Server 2019 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers	Windows	MSCT Windows 10 1803 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers	Windows	MSCT Windows 10 1809 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 v20H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 v21H1 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 11 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 11 v23H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 1903 v1.19.9
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server 2016 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server 2016 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server v1909 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server 1903 DC v1.19.9
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 1909 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server 1903 MS v1.19.9
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server v1909 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server v2004 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT MSCT Windows Server 2022 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server v20H2 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 v1507 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 v21H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 11 v22H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 v2004 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server 2012 R2 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server v20H2 DC v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows 10 v22H2 v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server v2004 MS v1.0.0
Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword	Windows	MSCT Windows Server 2012 R2 MS v1.0.0
Store passwords using reversible encryption	Windows	MSCT Windows Server 2019 DC v1.0.0
Store passwords using reversible encryption	Windows	MSCT Windows 10 1809 v1.0.0
Store passwords using reversible encryption	Windows	MSCT Windows Server 2019 MS v1.0.0
WDigest Authentication	Windows	MSCT Windows 10 1803 v1.0.0
WDigest Authentication	Windows	MSCT Windows Server 2016 MS v1.0.0
WDigest Authentication	Windows	MSCT Windows Server 2012 R2 DC v1.0.0
WDigest Authentication	Windows	MSCT Windows 10 v1507 v1.0.0

Detections

Analytics