CSCv6|1

Title

Inventory of Authorized and Unauthorized Devices

Description

Inventory of Authorized and Unauthorized Devices

Reference Item Details

Reference: CIS Critical Security Controls v6

Category: Inventory of Authorized and Unauthorized Devices

Family: System

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.2.11 Set 'Audit Policy: Account Management: Computer Account Management' to 'No Auditing'	Windows	CIS Windows 8 L1 v1.0.0
1.14 Ensure 'Find My Device' is set to 'Enabled'	MDM	AirWatch - CIS Google Android v1.3.0 L2
1.14 Ensure 'Find My Device' is set to 'Enabled'	MDM	MobileIron - CIS Google Android v1.3.0 L2
1.14 Ensure 'Find My Device' is set to Enabled	MDM	MobileIron - CIS Google Android v1.2.0 L2
1.14 Ensure 'Find My Device' is set to Enabled	MDM	AirWatch - CIS Google Android v1.2.0 L2
1.16 Ensure 'Remotely locate this device' is set to 'Enabled'	MDM	AirWatch - CIS Google Android v1.3.0 L1
1.16 Ensure 'Remotely locate this device' is set to 'Enabled'	MDM	MobileIron - CIS Google Android v1.3.0 L1
1.16 Ensure 'Remotely locate this device' is set to Enabled	MDM	AirWatch - CIS Google Android v1.2.0 L1
1.16 Ensure 'Remotely locate this device' is set to Enabled	MDM	MobileIron - CIS Google Android v1.2.0 L1
4.008-DC - Auditing records must be configured as required - Computer Account Management	Windows	DISA Windows Server 2008 DC STIG v6r47
4.008-MS - Auditing records must be configured as required - Computer Account Management	Windows	DISA Windows Server 2008 MS STIG v6r46
17.2.2 (L1) Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows 10 Enterprise (Release 1607) v1.2.0 Level 1 Bitlocker
17.2.2 (L1) Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows 10 Enterprise (Release 1803) v1.5.0 Level 1
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 DC L1 v2.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Windows Server 2012 MS L1 v2.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Windows 7 Workstation Level 1 + Bitlocker v3.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows 8.1 L1 Bitlocker v2.3.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows Server 2008 Member Server Level 1 v3.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Windows 7 Workstation Level 1 v3.1.0
17.2.2 Ensure 'Audit Computer Account Management' is set to 'Success and Failure'	Windows	CIS Microsoft Windows 8.1 L1 v2.3.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Microsoft Windows Server 2016 DC L1 v1.3.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Windows Server 2012 R2 DC L1 v2.4.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Windows Server 2012 R2 DC L1 v2.5.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Microsoft Windows Server 2016 DC L1 v1.2.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Windows Server 2012 DC L1 v2.2.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.2.0
17.2.2 Ensure 'Audit Computer Account Management' is set to include 'Success' (DC only)	Windows	CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.2.0
Audit Computer Account Management	Windows	MSCT Windows Server v1909 DC v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server 2012 R2 DC v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server 1903 DC v1.19.9
Audit Computer Account Management	Windows	MSCT Windows Server 2019 DC v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server v20H2 DC v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server 2012 R2 MS v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server 2016 DC v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server 1903 DC v1.0.0
Audit Computer Account Management	Windows	MSCT Windows Server v2004 DC v1.0.0
HIPAA 164.308(a)(5)(ii)(C) - Log-in Monitoring (A) 'Computer Account Management'	Windows	HIPAA Windows Audit
WINAU-000202 - The system will be configured to audit 'Account Management -> Computer Account Management' successes - Account Management -> Computer Account Management successes.	Windows	DISA Windows 7 STIG v1r32
WINAU-000202-DC - Windows Server 2008 R2 domain controllers must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
WINAU-000252 - The system will be configured to audit 'Account Management -> Computer Account Management' failures - Account Management -> Computer Account Management failures.	Windows	DISA Windows 7 STIG v1r32
WN12-AU-000011-DC - Windows Server 2012/2012 R2 domain controllers must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2012 and 2012 R2 DC STIG v3r1
WN12-AU-000011-DC - Windows Server 2012/2012 R2 domain controllers must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2012 and 2012 R2 DC STIG v3r3
WN12-AU-000011-DC - Windows Server 2012/2012 R2 domain controllers must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2012 and 2012 R2 DC STIG v3r2
WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2016 STIG v2r3
WN16-DC-000230 - Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2016 STIG v2r2
WN19-DC-000230 - Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2019 STIG v2r3
WN19-DC-000230 - Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes.	Windows	DISA Windows Server 2019 STIG v2r2

Detections

Analytics

CSCv6|1

Title

Description

Reference Item Details

Audit Items