API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| ce3df75232da8684 | SCA Check 16327: Ensure 'Prevent users from modifying settings' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0002', 'TA0005'] Techniques: ['T1562', 'T1070',… | wazuh-sca |
| 09932ee7c3ae4b6c | SCA Check 16328: Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0043',… | wazuh-sca |
| 88db8d32fef3e9a0 | SCA Check 16329: Ensure 'Configure Automatic Updates' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0043', 'TA0007'] Techniques: ['T1595', 'T1190', 'T1203'] This… | wazuh-sca |
| 13758f4a11328335 | SCA Check 16330: Ensure 'Configure Automatic Updates: Scheduled install day' is set to '0 - Every day'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0043', 'TA0007'] Techniques:… | wazuh-sca |
| 80bb07522a4c7279 | SCA Check 16331: Ensure 'Manage preview builds' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This policy setting manage… | wazuh-sca |
| a263f880cbc211ab | SCA Check 16332: Ensure 'Select when Preview Builds and Feature Updates are received' is set to 'Enabled: 180 or more days'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0005']… | wazuh-sca |
| 0ad0f007ff9aa106 | SCA Check 16333: Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days'. Policy: CIS Microsoft Windows Server 2016 v2.0.0 Tactics: ['TA0043', 'TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 49af2fee54c7a159 | SCA Check 15500: Ensure 'Enforce password history' is set to '24 or more password(s)'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| 9ed14a07940431bc | SCA Check 15501: Ensure 'Maximum password age' is set to '365 or fewer days, but not 0'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| 829bc1f94bbd7e48 | SCA Check 15502: Ensure 'Minimum password age' is set to '1 or more day(s)'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078', 'T1098',… | wazuh-sca |
| f1d428482f43a30d | SCA Check 15503: Ensure 'Minimum password length' is set to '14 or more character(s)'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| 4d545e920379cf2a | SCA Check 15505: Ensure 'Relax minimum password length limits' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| debd1041ca51de56 | SCA Check 15506: Ensure 'Account lockout duration' is set to '15 or more minute(s)'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques: ['T1078',… | wazuh-sca |
| ce9cced1d9f170b3 | SCA Check 15507: Ensure 'Account lockout threshold' is set to '5 or fewer invalid logon attempt(s), but not 0'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 0bada11a237dc06d | SCA Check 15508: Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003'] Techniques:… | wazuh-sca |
| 56ca80ddd971a775 | SCA Check 15510: Ensure 'Accounts: Block Microsoft accounts' is set to 'Users can't add or log on with Microsoft accounts'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| 88e2a8b2e14a1d0e | SCA Check 15511: Ensure 'Accounts: Guest account status' is set to 'Disabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] This… | wazuh-sca |
| 539034165a5da2c2 | SCA Check 15512: Ensure 'Accounts: Limit local account use of blank passwords to console logon only' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| cf141b894b6e7ad0 | SCA Check 15513: Configure 'Accounts: Rename administrator account'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] The built-in local… | wazuh-sca |
| a791c9b8ad2606bd | SCA Check 15514: Configure 'Accounts: Rename guest account'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0005'] Techniques: ['T1036', 'T1564'] The built-in local guest… | wazuh-sca |
| 01d7ee1db09def8e | SCA Check 15516: Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0005',… | wazuh-sca |
| b57f699797f2925b | SCA Check 15518: Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0004', 'TA0005']… | wazuh-sca |
| d03a3b64a4a68b19 | SCA Check 15519: Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 4a4ed20e992b54d8 | SCA Check 15520: Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0009',… | wazuh-sca |
| c4a0aa84b9851e93 | SCA Check 15521: Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 1561b0cf2fc90e17 | SCA Check 15522: Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006', 'TA0003']… | wazuh-sca |
| 956802f5a392f535 | SCA Check 15523: Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 281e0b24c8e264be | SCA Check 15524: Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 88be7fc8bb47eebe | SCA Check 15525: Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 71c5ba48e638a894 | SCA Check 15526: Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0005'] Techniques: ['T1036',… | wazuh-sca |
| fc2238a27225cb82 | SCA Check 15527: Ensure 'Interactive logon: Machine account lockout threshold' is set to '10 or fewer invalid logon attempts, but not 0'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0… | wazuh-sca |
| 05c5a22399634b32 | SCA Check 15528: Ensure 'Interactive logon: Machine inactivity limit' is set to '900 or fewer second(s), but not 0'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 489055c6ee5b1557 | SCA Check 15529: Configure 'Interactive logon: Message text for users attempting to log on'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 7482216b80fb8d5a | SCA Check 15530: Configure 'Interactive logon: Message title for users attempting to log on'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| a4747b6b00458aa3 | SCA Check 15531: Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)'. Policy: CIS Microsoft Windows 10… | wazuh-sca |
| a4869a07e1b69852 | SCA Check 15532: Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| a92272c96dcdeb02 | SCA Check 15533: Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 364fd650ebf90ffc | SCA Check 15534: Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0009',… | wazuh-sca |
| c0c3a6540f61eff5 | SCA Check 15535: Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| 5cd0901ac9c44977 | SCA Check 15536: Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| b0bd89b9edb40220 | SCA Check 15537: Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark… | wazuh-sca |
| 55e604290ffb7d26 | SCA Check 15538: Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 4184f37d8d9de909 | SCA Check 15539: Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| 2045e68434d317d4 | SCA Check 15540: Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 41a880d65f4e2915 | SCA Check 15541: Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher. Policy: CIS Microsoft Windows 10 Enterprise Benchmark… | wazuh-sca |
| 4c75e4b5c821dc62 | SCA Check 15543: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 2b742517d3d68e99 | SCA Check 15544: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics:… | wazuh-sca |
| 2b487b3e0109d84d | SCA Check 15545: Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark… | wazuh-sca |
| fa9d59d6e20d514b | SCA Check 15546: Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0007']… | wazuh-sca |
| e5e29168709fc0e2 | SCA Check 15547: Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None'. Policy: CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |