PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

EventSentry

Validation Scripts

Scripts

37

Tag

cis-csc-server


Accounts: Administrator accounts must not be enumerated during elevation
f3afb7e7-d38a-42f2-8290-56da3b445913
Accounts: Enable computer and user accounts delegation user right not be assigned to any groups or accounts
64f28abd-921c-4d04-b2c0-f047d20d673e
Accounts: Enable computer and user accounts to be trusted user right must only be assigned to the Admins group on DCs
42587e5b-a61b-49e2-b25b-5413d52ebd05
Accounts: Local accounts with blank passwords must be restricted to prevent access from the network
3ef29cdc-8018-48a9-b210-13e18cf14d07
Accounts: Must have the built-in Windows password complexity policy enabled
be6a2756-21d7-452c-b0a1-e6032f14f422
Accounts: Must require passwords
00279417-0255-4ff4-8b5c-dbb7866085e2
Accounts: UIAccess applications must not be allowed to prompt for elevation without using the secure desktop
80e6af5a-3633-408e-b890-8b7581adda66
Accounts: User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop
0b28a1d9-618b-45ce-8938-f73cc84fce81
Accounts: User Account Control must only elevate UIAccess applications that are installed in secure locations
b6f678d0-7ffc-48e8-b89c-ca6d301de838
Accounts: must disable automatically signing in the last interactive user after a system-initiated restart
30d230a9-ff8e-44a2-ac87-f35b77bff14a
Auditing: Event Log / Viewer must be protected from unauthorized modification and deletion
09651036-eca5-4f3a-83fb-0ff12719b201
Auditing: Permissions for the Security event log must prevent access by non-privileged accounts
f67457c3-6d39-425d-9831-b5e44eaf7d6f
Auditing: Permissions for the System event log must prevent access by non-privileged accounts
31096f12-75ea-425b-b416-f0c0b87dc6ff
Autoplay: Must be turned off for non-volume devices
d2ac90ea-b1de-49bb-aa59-fe8b271c7c2b
Autoplay: Should be disabled for all drives
2cb75d59-8ef3-4fa3-90e1-8bec9e51c703
Autorun: behavior must be configured to prevent Autorun commands
746184bf-3f96-4365-8bb4-c7abf8a772ac
Domain Member: Group policy objects must be reprocessed even if they have not changed
0652c1f1-ca23-46d0-a60f-7f62281b866e
File System: Windows must prevent Indexing of encrypted files
138956a4-8987-4f7f-b830-bf58e4ca7778
General: AntiVirus/Antimalware Status
6d48a68a-3e44-4a00-8d42-670e41c9942c
General: Downloading print driver packages over HTTP must be turned off
925b056c-6bae-4e27-aa19-f8d383455774
General: Printing over HTTP must be turned off
21735bdc-fd91-44a8-beca-9a48b6c5e166
General: Windows Defender SmartScreen must be enabled (Server)
4595ee72-d404-4b45-aae4-102fefd1a165
Internet Browser: Attachments must be prevented from being downloaded from RSS feeds
5ba4fbad-193e-4b62-8326-4bd0705112bd
Logon: Network selection UI must not be displayed
3476077b-5d03-4819-9ef0-213402f37eed
Network Access: Must Have the Server Message Block (SMB) v1 protocol disabled on the SMB client
78c4c60a-a039-4a47-b614-3138d7bcfe4f
Network Access: Must have the Server Message Block (SMB) v1 protocol disabled on the SMB server
9a3ba1fc-6a60-4752-9827-152b821e5c0a
Network Access: Windows must not have the Server Message Block (SMB) v1 protocol installed
934a1499-9d7e-407b-86ab-9a58e10f4ed1
Network: Internet Protocol version 6 (IPv6) source routing must use highest protection level to prevent IP source routing
d5030382-fcd1-4d7c-88e3-f1defebc7cf0
Network: Simple TCP/IP Services must not be installed on the system
d0f0e951-4cca-4ca9-9b9e-e9e13e39ca99
Network: Source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing
655d213f-bed4-43aa-9bbf-f4bf77a2defd
Passwords: must, at a minimum, be 14 characters
e352dda0-c735-4b4e-ba26-097f5dbab32c
Remote Desktop Services: Must be configured with the client connection encryption set to High Level
0cf4a80a-705e-4831-9e1d-bc91c93e4625
Remote Desktop Services: Must require secure Remote Procedure Call (RPC) communications
20a8c861-e142-4e51-bf82-b0ef8bd1343c
Remote Management: Windows Remote Management (WinRM) client must not use Digest authentication
1a0eb6a5-9009-4dc3-b12f-bed65052c49d
Windows OS: Build Version Check (End Of Life)
07b6c273-cdb3-4a4d-889d-d1d54dc0eb5f
Windows OS: Build Version Check (OS Updated)
c7b058ab-6360-4b5d-9cd2-45eafef8c489
Windows OS: Explorer Data Execution Prevention must be enabled
c4e3c7a1-5b63-407a-8eb9-c6a4b52b9f93
Full tag list
compliance-server (133) server (112) compliance-desktop (112) stig-medium-server (110) desktop (108) security-server (105) nist800-53-server (100) nist800-53-desktop (96) security-desktop (88) stig-medium-desktop (86) nist800-171-server (85) nist800-171-desktop (69) cmmc2-l2-server (64) cmmc2-l2-desktop (54) pci-dss-v4-server (37) cis-csc-server (37) cis-csc-desktop (33) bestpractice-desktop (30) pci-dss-v4-desktop (30) mitre-att-server (29) mitre-att-desktop (28) bestpractice-server (25) stig-high-desktop (22) cmmc2-l1-server (22) stig-high-server (21) cmmc2-l1-desktop (19) pci-dss-v3.2-server (18) domaincontroller (16) tisax (16) domainmember (16) pci-dss-v3.2-desktop (13) cmmc2-l3-server (12) threat-intel-server (11) threat-intel-desktop (10) sig-server (10) nist-privacy-server (10) sec-hardening-server (9) sec-hardening-desktop (9) cmmc2-l3-desktop (8) remote-desktop (7) health (7) nist-privacy-desktop (7) csa-cmm-server (7) privacy-server (6) privacy-desktop (6) owasptop-server (6) stig-low-desktop (6) stig-low-server (5) owasptop-desktop (5) stig-medium-ie (4) cce-desktop (3) cce-server (3) niap-server (3) niap-desktop (3) bestpractice-domaincontroller (3) fips140-2 (3) sig-desktop (3) vm-guest-host (2) msoffice (2) hyper-v (1) iis-stig-high (1) bitlocker-security-desktop (1) fedramp-server (1) fedramp-desktop (1) cjis-server (1) cjis-desktop (1) ul2900-1-server (1) ul2900-1-desktop (1) csf-server (1) csf-desktop (1) info-desktop (1) csa-cmm-desktop (1) exchange-security (1) domainmember-health (1) domaincontroller-health (1)

CMMC v2.0 Compliance STIG CIS NIST 800-171 Servers Desktops

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.