Detections
Analytics

CSCv6|8.6

Title

Enable domain name system (DNS) query logging to detect hostname lookup for known malicious C2 domains.

Description

Enable domain name system (DNS) query logging to detect hostname lookup for known malicious C2 domains.

Reference Item Details

Category: Malware Defenses

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Attempt to cleanWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Scan on downloadWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
3.5 Ensure that SharePoint specific malware (i.e. anti-virus) protection software is integrated and configured - Scan on uploadWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0
6.4 Ensure DNS sinkholing is configured on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 7 Benchmark L1 v1.0.0
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 6 Benchmark L1 v1.0.0
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 9 Benchmark v1.0.0 L1
6.5 Ensure passive DNS monitoring is set to enabled on all anti-spyware profiles in usePalo_AltoCIS Palo Alto Firewall 8 Benchmark L1 v1.0.0