API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| d9ff76c58e6b8b9b | SCA Check 34771: Ensure 'Set time limit for disconnected sessions' is set to 'Enabled: 1 minute'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0006', 'TA0003']… | wazuh-sca |
| 99ccd979d84ae286 | SCA Check 34772: Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 1e9958f14b8dd9f5 | SCA Check 34773: Ensure 'Do not use temporary folders per session' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| dc1c3dfd83077005 | SCA Check 34774: Ensure 'Prevent downloading of enclosures' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0001', 'TA0002'] Techniques:… | wazuh-sca |
| b1d5b68597d0b6de | SCA Check 34775: Ensure 'Allow indexing of encrypted files' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0009', 'TA0010'] Techniques:… | wazuh-sca |
| bc1ef3b932be2896 | SCA Check 34776: Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0002',… | wazuh-sca |
| f43959f9735151c4 | SCA Check 34777: Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0005']… | wazuh-sca |
| 05903b071cc6b738 | SCA Check 34778: Ensure 'Allow user control over installs' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0005'] Techniques: ['T1036',… | wazuh-sca |
| 1f6e9fd25053ea2a | SCA Check 34779: Ensure 'Always install with elevated privileges' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| dd1c4d5d78823a0a | SCA Check 34780: Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics:… | wazuh-sca |
| b024407925ebc667 | SCA Check 34781: Ensure 'Turn on PowerShell Script Block Logging' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0005', 'TA0006', 'TA0007']… | wazuh-sca |
| 8d0f62f30e768df0 | SCA Check 34782: Ensure 'Turn on PowerShell Transcription' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0007'] Techniques: ['T1595', 'T1046',… | wazuh-sca |
| 632ee4dbc08100e9 | SCA Check 34783: Ensure 'Allow Basic authentication' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005',… | wazuh-sca |
| 29cd96f0fd2f806a | SCA Check 34784: Ensure 'Allow unencrypted traffic' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005',… | wazuh-sca |
| 23725fed2796a521 | SCA Check 34785: Ensure 'Disallow Digest authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005',… | wazuh-sca |
| 459e739dc8dd6fda | SCA Check 34786: Ensure 'Allow Basic authentication' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005',… | wazuh-sca |
| e940a3064018496a | SCA Check 34787: Ensure 'Allow remote server management through WinRM' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0005'] Techniques:… | wazuh-sca |
| bfe8c73ddb46b3d4 | SCA Check 34788: Ensure 'Allow unencrypted traffic' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0009', 'TA0010'] Techniques: ['T1005',… | wazuh-sca |
| 8dcba9fad3add51b | SCA Check 34789: Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0004', 'TA0005']… | wazuh-sca |
| 0dcd3dcfb44f0d86 | SCA Check 34790: Ensure 'Allow Remote Shell Access' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This… | wazuh-sca |
| 47c935480862652a | SCA Check 34791: Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0.… | wazuh-sca |
| cfd1debad47d13ea | SCA Check 34792: Ensure 'Configure Automatic Updates' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0043', 'TA0007'] Techniques: ['T1595',… | wazuh-sca |
| df93465e8de4594f | SCA Check 34793: Ensure 'Configure Automatic Updates: Scheduled install day' is set to '0 - Every day'. Policy: CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0. Tactics: ['TA0043',… | wazuh-sca |
| 78e4b5acb81f93db | SCA Check 16000: Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078', 'T1098',… | wazuh-sca |
| df764fd40e8b77c8 | SCA Check 16001: Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 974a867f653243b1 | SCA Check 16002: Ensure 'Accounts: Guest account status' is set to 'Disabled' (MS only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This… | wazuh-sca |
| 41dd7cfbc4504c03 | SCA Check 16003: Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006',… | wazuh-sca |
| a8027f0f879595cf | SCA Check 16004: Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled'. Policy: CIS Microsoft Windows Server… | wazuh-sca |
| c10744fe86fe44b8 | SCA Check 16005: Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006',… | wazuh-sca |
| daaa4c27b62ca02f | SCA Check 16006: Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0009', 'TA0010'] Techniques:… | wazuh-sca |
| c5991704b6ee5b6a | SCA Check 16007: Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 0d1801840523b3c7 | SCA Check 16008: Ensure 'Domain controller: Allow server operators to schedule tasks' is set to 'Disabled' (DC only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 6f16db148669a808 | SCA Check 16009: Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics:… | wazuh-sca |
| be6b2eb3f54b9ca6 | SCA Check 16010: Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0009',… | wazuh-sca |
| ec13baa5c3beee29 | SCA Check 16011: Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0009', 'TA0010']… | wazuh-sca |
| d855a10e8245bea1 | SCA Check 16012: Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques:… | wazuh-sca |
| aa23c236f958d3ea | SCA Check 16013: Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0009', 'TA0010']… | wazuh-sca |
| 3d43533e1ffe0508 | SCA Check 16014: Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0009', 'TA0010']… | wazuh-sca |
| 9412206e90e19c6e | SCA Check 16015: Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| b315c1b3d5c44992 | SCA Check 16016: Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 20b0493852d9d7d4 | SCA Check 16017: Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| ebd1e59c1a6343e4 | SCA Check 16018: Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| afa14da0531c6e17 | SCA Check 16019: Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046',… | wazuh-sca |
| 7e087ed6ea45c1bc | SCA Check 16020: Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046',… | wazuh-sca |
| 19cd6082cdd18dca | SCA Check 16021: Ensure 'Interactive logon: Machine inactivity limit' is set to '900 or fewer second(s), but not 0'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003']… | wazuh-sca |
| 894edfc9aab034e0 | SCA Check 16022: Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only). Policy: CIS Microsoft Windows… | wazuh-sca |
| 6b251b6b85ac474c | SCA Check 16023: Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 4b39103ce0aeb36f | SCA Check 16024: Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics:… | wazuh-sca |
| 5331758fb95c08a7 | SCA Check 16025: Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003']… | wazuh-sca |
| 499273b7e7d26070 | SCA Check 16026: Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |