Accounts: Automatic logons must be disabled
5db60bfa-0318-430e-ab7e-c2ff3e749ae9
Accounts: Built-in Administrator account must be renamed
b1981ae3-ba91-4758-a98c-a5937a0498f7
Accounts: Built-in Guest account must be renamed
20dbd0a4-0373-4913-9f75-4ab7f6fcbdb0
Accounts: Local Guest account should be disabled
538d811a-0a0a-4336-8294-63bc2c092ebb
Accounts: Must require passwords
00279417-0255-4ff4-8b5c-dbb7866085e2
Accounts: Reversible password encryption must be disabled
71ebd815-0ca9-44c9-b7b8-c96e155e7afb
Auditing: Policy subcategories should be enabled
2db4a73a-0e6d-4f25-80a0-49792a478308
Auditing: Removable Storage
af074caf-14a4-41f5-9ebd-e2214dc48240
Autoplay: Must be turned off for non-volume devices
d2ac90ea-b1de-49bb-aa59-fe8b271c7c2b
Autoplay: Should be disabled for all drives
2cb75d59-8ef3-4fa3-90e1-8bec9e51c703
Credentials: WDigest Authentication must be disabled
13cb0c87-4b9a-4923-9768-87bafab6ef87
Domain Controller: Must require LDAP access signing
9e1e28ee-d597-49db-b33d-cfee0ba15c69
Domain Member: LDAP client signing requirements
5c9b1fb7-3d92-4d13-be5f-13d7894e50d0
General: AntiVirus/Antimalware Status
6d48a68a-3e44-4a00-8d42-670e41c9942c
General: Windows firewall status
1f229f09-4c15-4bfe-b9f7-ed63d03cd70e
Logon: Network selection UI must not be displayed
3476077b-5d03-4819-9ef0-213402f37eed
Passwords: Minimum length
e352dda0-c735-4b4e-ba26-097f5dbab32c
Passwords: Storing LAN Manager hash
8fbc83d9-7409-41aa-bf3c-a2360a8d9749
PowerShell: v2 should not be installed / enabled
f69ae077-386f-4543-9036-30e5b3377f62
Printing: Prevent users from installing printer drivers
889cec97-07a1-4c83-b5cb-c4d92203aa17
Remote Desktop Services: Idle session time limit
a06670b6-460f-45ae-93ef-02d41f52d45e
Remote Desktop Services: Must prevent drive redirection
f412c653-14b4-4829-8fd8-0263d996cf04
TLS/SSL Insecure Ciphers (SCHANNEL)
78fcd8a8-18af-49f4-8a64-bccb901e5557
Threat Intel: Attack Vector: Disable Windows Event Logging
f1bc38dc-fbda-45cd-9ec9-7f69dfd7b00e
Threat Intel: Persistence - AppInit DLLs
bf92b536-95cc-4060-bea3-a61ba1e4c9bb
Tracking: The location feature must be turned off
b5e9fae5-f161-4c39-a915-7282a3896dd9
Tracking: Windows Telemetry must not be set to Full
0001b667-c79a-4486-802c-32d860cae99e
Windows OS: Build Version Check (End Of Life)
07b6c273-cdb3-4a4d-889d-d1d54dc0eb5f
Windows OS: Build Version Check (OS Updated)
c7b058ab-6360-4b5d-9cd2-45eafef8c489
Windows OS: Secure Boot must be enabled
e8bb4b60-e081-427e-924e-e99a1aacf387
Full tag list
compliance-server (127) server (107) compliance-desktop (107) stig-medium-server (105) security-server (104) desktop (102) security-desktop (86) stig-medium-desktop (85) nist800-53-server (79) nist800-53-desktop (77) nist800-171-server (73) nist800-171-desktop (58) cmmc2-l2-server (56) cmmc2-l2-desktop (45) cis-csc-server (30) bestpractice-desktop (29) cis-csc-desktop (27) pci-dss-v4-server (25) bestpractice-server (24) stig-high-desktop (20) cmmc2-l1-server (20) pci-dss-v4-desktop (20) stig-high-server (19) cmmc2-l1-desktop (17) tisax (16) domaincontroller (15) pci-dss-v3.2-server (15) domainmember (14) threat-intel-server (11) pci-dss-v3.2-desktop (11) cmmc2-l3-server (10) threat-intel-desktop (9) sig-server (9) nist-privacy-server (9) remote-desktop (7) health (7) sec-hardening-server (7) sec-hardening-desktop (7) privacy-server (6) privacy-desktop (6) nist-privacy-desktop (6) csa-cmm-server (6) cmmc2-l3-desktop (6) mitre-desktop (4) stig-low-server (4) stig-medium-ie (4) stig-low-desktop (4) cve-server (3) mitre-server (3) niap-server (3) niap-desktop (3) fips140-2 (3) sig-desktop (3) bestpractice-domaincontroller (3) cve-desktop (2) cce-desktop (2) cce-server (2) msoffice (2) owasptop-server (1) owasptop-desktop (1) hyper-v (1) iis-stig-high (1) fedramp-server (1) fedramp-desktop (1) cjis-server (1) cjis-desktop (1) ul2900-1-server (1) ul2900-1-desktop (1) csf-server (1) csf-desktop (1) info-desktop (1) csa-cmm-desktop (1) exchange-security (1) domaincontroller-health (1)