API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| c3192b778ce15a10 | SCA Check 16227: Ensure 'Require a password when a computer wakes (on battery)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| ab0f366055d22eb8 | SCA Check 16228: Ensure 'Require a password when a computer wakes (plugged in)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| 4a0d0ca1a4369ed2 | SCA Check 16229: Ensure 'Configure Offer Remote Assistance' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| 6a5dff05a37039c4 | SCA Check 16230: Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| c9bc553a615be444 | SCA Check 16231: Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036',… | wazuh-sca |
| 62be7efff8788719 | SCA Check 16232: Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' (MS only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036',… | wazuh-sca |
| 8ce469e9dd3ebf49 | SCA Check 16233: Ensure 'Configure validation of ROCA-vulnerable WHfB keys during authentication' is set to 'Enabled: Audit' or higher (DC only). Policy: CIS Microsoft Windows Server 2016 v2.0.0… | wazuh-sca |
| b31d19f352f1aff0 | SCA Check 16234: Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0… | wazuh-sca |
| a0b1afa21e6e4d05 | SCA Check 16235: Ensure 'Enable/Disable PerfTrack' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy setting… | wazuh-sca |
| 671076e2be46613e | SCA Check 16236: Ensure 'Turn off the advertising ID' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0001', 'TA0011'] Techniques: ['T1133', 'T1200', 'T1046',… | wazuh-sca |
| 9479ae05aa0f833a | SCA Check 16237: Ensure 'Enable Windows NTP Client' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006', 'TA0007'] Techniques: ['T1562', 'T1070',… | wazuh-sca |
| 66c4e885e8a10e22 | SCA Check 16238: Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only). Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006', 'TA0007'] Techniques: ['T1562',… | wazuh-sca |
| 180517951af8fed0 | SCA Check 16239: Ensure 'Allow a Windows app to share application data between users' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0009', 'TA0010'] Techniques:… | wazuh-sca |
| 1979b261d5354789 | SCA Check 16240: Ensure 'Allow Microsoft accounts to be optional' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078', 'T1098',… | wazuh-sca |
| c29d6059a315aa61 | SCA Check 16241: Ensure 'Disallow Autoplay for non-volume devices' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1562', 'T1070',… | wazuh-sca |
| 1733567bdc406ee5 | SCA Check 16242: Ensure 'Set the default behavior for AutoRun' is set to 'Enabled: Do not execute any autorun commands'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005']… | wazuh-sca |
| 6ed45acb80be8732 | SCA Check 16243: Ensure 'Turn off Autoplay' is set to 'Enabled: All drives'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1562', 'T1070', 'T1059',… | wazuh-sca |
| c825aeb6571437f0 | SCA Check 16244: Ensure 'Configure enhanced anti-spoofing' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1562', 'T1070', 'T1059',… | wazuh-sca |
| 540539adb4979812 | SCA Check 16245: Ensure 'Allow Use of Camera' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046', 'T1087'] This policy setting… | wazuh-sca |
| 4780fd5dba81e29d | SCA Check 16246: Ensure 'Turn off cloud consumer account state content' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046',… | wazuh-sca |
| 3e2965beb812f70a | SCA Check 16247: Ensure 'Turn off Microsoft consumer experiences' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| 4db80f683a0897d3 | SCA Check 16248: Ensure 'Require pin for pairing' is set to 'Enabled: First Time' OR 'Enabled: Always'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 919e6e82318331ab | SCA Check 16249: Ensure 'Do not display the password reveal button' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046', 'T1087']… | wazuh-sca |
| 13f8b9c1efc06486 | SCA Check 16250: Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046',… | wazuh-sca |
| f6c48117cb71d50f | SCA Check 16251: Ensure 'Allow Diagnostic Data' is set to 'Enabled: Diagnostic data off (not recommended)' or 'Enabled: Send required diagnostic data'. Policy: CIS Microsoft Windows Server 2016… | wazuh-sca |
| 193cbf9f502017d8 | SCA Check 16252: Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage'. Policy: CIS Microsoft… | wazuh-sca |
| 13c4cceeb007ebcf | SCA Check 16253: Ensure 'Disable OneSettings Downloads' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046', 'T1087'] This policy… | wazuh-sca |
| 8beec7e43aaae5f8 | SCA Check 16254: Ensure 'Do not show feedback notifications' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| 938a43399e2e193a | SCA Check 16255: Ensure 'Enable OneSettings Auditing' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006'] Techniques: ['T1110', 'T1078', 'T1556', 'T1056'] This… | wazuh-sca |
| 5ffdb5bd5a1b9701 | SCA Check 16256: Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046', 'T1087'] This policy… | wazuh-sca |
| 89b75ba9b2740147 | SCA Check 16257: Ensure 'Limit Dump Collection' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595', 'T1046', 'T1087'] This policy setting… | wazuh-sca |
| 89e66174d03bc9c5 | SCA Check 16258: Ensure 'Toggle user control over Insider builds' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| c1c4c93de5bc9343 | SCA Check 16259: Ensure 'Application: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005',… | wazuh-sca |
| 9c6b6ce675d43b69 | SCA Check 16260: Ensure 'Application: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006',… | wazuh-sca |
| 61b59eb23c236750 | SCA Check 16261: Ensure 'Security: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005',… | wazuh-sca |
| 837b32281bc36e73 | SCA Check 16262: Ensure 'Security: Specify the maximum log file size (KB)' is set to 'Enabled: 196,608 or greater'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006',… | wazuh-sca |
| 5b0498c66a2b39b1 | SCA Check 16263: Ensure 'Setup: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005',… | wazuh-sca |
| c2fc199bd6871443 | SCA Check 16264: Ensure 'Setup: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006',… | wazuh-sca |
| f168a724d50ba076 | SCA Check 16265: Ensure 'System: Control Event Log behavior when the log file reaches its maximum size' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005',… | wazuh-sca |
| b220336ef21dfa72 | SCA Check 16266: Ensure 'System: Specify the maximum log file size (KB)' is set to 'Enabled: 32,768 or greater'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005', 'TA0006',… | wazuh-sca |
| 9a45a30c74c4f1a4 | SCA Check 16267: Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1562',… | wazuh-sca |
| ecfed9b5951ec215 | SCA Check 16268: Ensure 'Turn off heap termination on corruption' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1189', 'T1190',… | wazuh-sca |
| 40dd5fa986a18d61 | SCA Check 16269: Ensure 'Turn off shell protocol protected mode' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1189', 'T1190',… | wazuh-sca |
| 302e547ee593a316 | SCA Check 16270: Ensure 'Turn off location' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy setting turns off the… | wazuh-sca |
| 54a916907d1d81af | SCA Check 16271: Ensure 'Allow Message Service Cloud Sync' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy… | wazuh-sca |
| 10d8ad1f195df73f | SCA Check 16272: Ensure 'Block all consumer Microsoft account user authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| c087eaa33a54807a | SCA Check 16273: Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques:… | wazuh-sca |
| a7f12cf4c3f1cd8d | SCA Check 16274: Ensure 'Join Microsoft MAPS' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy setting allows you… | wazuh-sca |
| b26fe25c057701f0 | SCA Check 16275: Ensure 'Configure Attack Surface Reduction rules' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1562', 'T1070',… | wazuh-sca |
| b96b00e8a8e93eb7 | SCA Check 16276: Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005']… | wazuh-sca |