API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| 572acb1b77575c5e | SCA Check 34521: Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only). Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| e832360aee62fd8b | SCA Check 34522: Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| bcd55374a518263c | SCA Check 34523: Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 69acfde18b0ba2ac | SCA Check 34524: Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 1227f8c6c2d6dd96 | SCA Check 34525: Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007']… | wazuh-sca |
| b78df202c8d80675 | SCA Check 34526: Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| f8e1fc4fe9d99548 | SCA Check 34527: Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 72b4b82b6147c24d | SCA Check 34528: Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 2cb1e8d957e7fd5d | SCA Check 34529: Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 1e907b353434498a | SCA Check 34530: Ensure 'Interactive logon: Machine inactivity limit' is set to '900 or fewer second(s), but not 0'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 7e6445ff09de565f | SCA Check 34531: Configure 'Interactive logon: Message text for users attempting to log on'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| e7a83e8db7f8d31c | SCA Check 34532: Configure 'Interactive logon: Message title for users attempting to log on'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 3dd0d8a6684e9337 | SCA Check 34533: Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0.… | wazuh-sca |
| cd4b5ba853293a93 | SCA Check 34534: Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark… | wazuh-sca |
| af9a530df3e1858d | SCA Check 34535: Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| eb09993adfa492f4 | SCA Check 34536: Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| b870ac81a8068969 | SCA Check 34537: Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| f6f1f47a9f0aff0c | SCA Check 34538: Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0.… | wazuh-sca |
| 0ae779899b891a80 | SCA Check 34539: Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'. Policy: CIS Microsoft Windows Server 2012 (non-R2)… | wazuh-sca |
| 3ecc8f1d3630d879 | SCA Check 34540: Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| c65f9f51414d4517 | SCA Check 34541: Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 2387d03f7f4378f9 | SCA Check 34542: Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 84bc6d6cade63f0b | SCA Check 34543: Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only). Policy: CIS Microsoft Windows Server 2012… | wazuh-sca |
| 9650acc3796e8b3e | SCA Check 34544: Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007']… | wazuh-sca |
| 282ccc88c9133bf4 | SCA Check 34545: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0.… | wazuh-sca |
| f178d732dc3ba4c7 | SCA Check 34546: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark… | wazuh-sca |
| 3b71f9f63cf0b3d3 | SCA Check 34547: Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2)… | wazuh-sca |
| a9d9eec4f1ed1ab7 | SCA Check 34548: Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 9d36a87c1c1103b0 | SCA Check 34549: Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only). Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007']… | wazuh-sca |
| ca2d991438abcdcf | SCA Check 34550: Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only). Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007']… | wazuh-sca |
| 5cb90446741a8098 | SCA Check 34551: Configure 'Network access: Remotely accessible registry paths' is configured. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 094f864b5d96c983 | SCA Check 34552: Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007']… | wazuh-sca |
| 17bf45e1e42bcc6d | SCA Check 34553: Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 4145a5fd2d7b7d73 | SCA Check 34554: Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only). Policy: CIS Microsoft Windows Server 2012… | wazuh-sca |
| a5fa7bbfecb19d7d | SCA Check 34555: Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0004', 'TA0005']… | wazuh-sca |
| e964fc7ac5987fce | SCA Check 34556: Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'. Policy: CIS Microsoft Windows Server 2012… | wazuh-sca |
| a22e18a30614e34b | SCA Check 34557: Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 9d1690bbe4f2c705 | SCA Check 34558: Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007']… | wazuh-sca |
| b811757a36030210 | SCA Check 34559: Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2)… | wazuh-sca |
| 9788ece1f09c19e4 | SCA Check 34560: Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types'. Policy: CIS Microsoft Windows… | wazuh-sca |
| ea013ec1f03e1ee6 | SCA Check 34561: Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0.… | wazuh-sca |
| bb5f6a74dc2e7661 | SCA Check 34562: Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0006',… | wazuh-sca |
| 0945aca4241aa925 | SCA Check 34563: Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark… | wazuh-sca |
| 5a577ee82b7825fa | SCA Check 34564: Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| 5913a86cb46ee118 | SCA Check 34565: Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'. Policy:… | wazuh-sca |
| dc3f884a10aa8ffb | SCA Check 34566: Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'. Policy:… | wazuh-sca |
| 72f6714f650a751b | SCA Check 34567: Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| efb9b509cf6b62bd | SCA Check 34568: Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| e16bd90d6ea6db8b | SCA Check 34569: Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2)… | wazuh-sca |
| 68e60ddb5a57d983 | SCA Check 34570: Ensure 'System settings: Optional subsystems' is set to 'Defined: (blank)'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques:… | wazuh-sca |