API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| a0c0a507dfd082e3 | SCA Check 15019: Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 998c03bc54e94e66 | SCA Check 15020: Ensure 'Domain controller: Refuse machine account password changes' is set to 'Disabled' (DC only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005']… | wazuh-sca |
| f0af6e2958e43299 | SCA Check 15021: Ensure 'Domain member: Digitally encrypt or sign secure channel data (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009',… | wazuh-sca |
| db58551c83b8c9b9 | SCA Check 15022: Ensure 'Domain member: Digitally encrypt secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009',… | wazuh-sca |
| c9a12f15eac0bef0 | SCA Check 15023: Ensure 'Domain member: Digitally sign secure channel data (when possible)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 077bf27fdd83a06e | SCA Check 15024: Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| ead6b3db8f8233a4 | SCA Check 15025: Ensure 'Domain member: Maximum machine account password age' is set to '30 or fewer days, but not 0'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| 3bc02bb369a3665b | SCA Check 15026: Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 2b9eec64c346b90a | SCA Check 15027: Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| d474e200c220dd26 | SCA Check 15028: Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 244e328233024294 | SCA Check 15029: Ensure 'Interactive logon: Machine inactivity limit' is set to '900 or fewer second(s), but not 0'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 28d979da55540093 | SCA Check 15030: Configure 'Interactive logon: Message text for users attempting to log on'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 347abfe2f6aa91cb | SCA Check 15031: Configure 'Interactive logon: Message title for users attempting to log on'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 90394e5d0be1c83b | SCA Check 16022: Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only). Policy: CIS Microsoft Windows… | wazuh-sca |
| dad33986b7b657c8 | SCA Check 15032: Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| 9dc1672e57777ae3 | SCA Check 15033: Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark… | wazuh-sca |
| 5243b680e66fc952 | SCA Check 15034: Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 17ff0347a61321f8 | SCA Check 15035: Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 220092fad596bf33 | SCA Check 15036: Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| f07db03c9571c483 | SCA Check 15037: Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| a80a9b0b33864839 | SCA Check 15038: Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark… | wazuh-sca |
| fd8ce9cb93b6deb6 | SCA Check 15039: Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 47884f3c8a2ae3bb | SCA Check 15040: Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| d4f59a4731f06ca9 | SCA Check 15041: Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 399689f3690eefff | SCA Check 15042: Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only). Policy: CIS Microsoft Windows Server 2012 R2… | wazuh-sca |
| 0ea9cb851713245e | SCA Check 15043: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| 60ac940f64ca529d | SCA Check 15044: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0… | wazuh-sca |
| 6495af1a2ebff3e8 | SCA Check 15045: Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark… | wazuh-sca |
| 827bc9689e2d2aa4 | SCA Check 15046: Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 1264e4a4026a29db | SCA Check 15047: Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 1e999d397f07f5db | SCA Check 15048: Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only). Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| e74dc8d23d8b0085 | SCA Check 15049: Configure 'Network access: Remotely accessible registry paths' is configured. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| ba7332ab34f3b3b5 | SCA Check 15050: Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| be9dffbd1409f8e3 | SCA Check 15051: Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 61c9d799cc75910e | SCA Check 15052: Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only). Policy: CIS Microsoft Windows Server 2012 R2… | wazuh-sca |
| 5dba4f1f6e0ccc8e | SCA Check 15053: Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0004', 'TA0005']… | wazuh-sca |
| 72db03524c96f87d | SCA Check 15054: Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'. Policy: CIS Microsoft Windows Server 2012 R2… | wazuh-sca |
| 68ef7170277866cd | SCA Check 15055: Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| cb6e162936b843e7 | SCA Check 15056: Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| bbe22f9bb482a006 | SCA Check 15057: Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark… | wazuh-sca |
| 7303e7a4f430a72c | SCA Check 15058: Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| cfc26cd7c231d2ae | SCA Check 15059: Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0006', 'TA0003']… | wazuh-sca |
| 468451aa10304857 | SCA Check 15060: Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0… | wazuh-sca |
| cdacc4cc8b02a798 | SCA Check 15061: Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 1a719e8e58fcd033 | SCA Check 15062: Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0007']… | wazuh-sca |
| df7f7a357349b2ac | SCA Check 15063: Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics: ['TA0005']… | wazuh-sca |
| eb88fedf9fa08d21 | SCA Check 15064: Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark… | wazuh-sca |
| 4b37fa018fe0c068 | SCA Check 15065: Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |
| 44b2264cc16df5b1 | SCA Check 15066: Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'. Policy: CIS Microsoft Windows Server 2012 R2… | wazuh-sca |
| b21bb4b3b42fd6bf | SCA Check 15067: Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2012 R2 Benchmark v3.0.0 Tactics:… | wazuh-sca |