API → UI component mappings · 90,813 documents
| ID | Document | Source |
|---|---|---|
| c2f9af13bd22216f | SCA Check 27028: Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| d7203ed3e7a7cfcd | SCA Check 27029: Ensure 'Interactive logon: Don't display last signed-in' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005'] Techniques: ['T1036',… | wazuh-sca |
| 852bff092caf057a | SCA Check 27030: Ensure 'Interactive logon: Machine inactivity limit' is set to '900 or fewer second(s), but not 0'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006',… | wazuh-sca |
| f75a5ba5de8d72c8 | SCA Check 27031: Configure 'Interactive logon: Message text for users attempting to log on'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 7581baf62f142e80 | SCA Check 27032: Configure 'Interactive logon: Message title for users attempting to log on'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| 2af923cabce036cd | SCA Check 27033: Ensure 'Interactive logon: Number of previous logons to cache (in case domain controller is not available)' is set to '4 or fewer logon(s)' (MS only). Policy: CIS Microsoft Windows… | wazuh-sca |
| b740a8984950e423 | SCA Check 27034: Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| c46d342a159f01e0 | SCA Check 27035: Ensure 'Interactive logon: Require Domain Controller Authentication to unlock workstation' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0… | wazuh-sca |
| c661ef0bd8a05f74 | SCA Check 27036: Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006',… | wazuh-sca |
| da2665fd9c878c31 | SCA Check 27037: Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 32ed2e4cbcc322a6 | SCA Check 27038: Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| c60634809f26af73 | SCA Check 27039: Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| bd4764b63364d763 | SCA Check 27040: Ensure 'Microsoft network server: Amount of idle time required before suspending session' is set to '15 or fewer minute(s)'. Policy: CIS Microsoft Windows Server 2022 Benchmark… | wazuh-sca |
| 9d541f76b8ecd403 | SCA Check 27041: Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| b12b7ff9066b166f | SCA Check 27042: Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 823d97474c324931 | SCA Check 27043: Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0006',… | wazuh-sca |
| 4919dbe80e728d44 | SCA Check 27044: Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only). Policy: CIS Microsoft Windows Server 2022… | wazuh-sca |
| 3320fbac90a664ed | SCA Check 27045: Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| f920e79ce579b85e | SCA Check 27046: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| d78813deddcc0b87 | SCA Check 27047: Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (MS only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0… | wazuh-sca |
| 7458726c935e4479 | SCA Check 27048: Ensure 'Network access: Do not allow storage of passwords and credentials for network authentication' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0… | wazuh-sca |
| c3ec0643ce47688f | SCA Check 27049: Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 220ae692e9cc633e | SCA Check 27050: Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 0db702fb485ae308 | SCA Check 27051: Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only). Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 2ec5f9ab9616980e | SCA Check 27052: Configure 'Network access: Remotely accessible registry paths' is configured. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques: ['T1595',… | wazuh-sca |
| aa7329dfe2291b96 | SCA Check 27053: Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 6c47c075c40c1f63 | SCA Check 27054: Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| 98104b402cd05665 | SCA Check 27055: Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only). Policy: CIS Microsoft Windows Server 2022… | wazuh-sca |
| 95534caa87a90c23 | SCA Check 27056: Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0004', 'TA0005']… | wazuh-sca |
| 7709342e72a3dc6a | SCA Check 27057: Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'. Policy: CIS Microsoft Windows Server 2022… | wazuh-sca |
| 60648ffa146509f8 | SCA Check 27058: Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| b13495ab5733470c | SCA Check 27059: Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007'] Techniques:… | wazuh-sca |
| 7d1445b93ebdf7c4 | SCA Check 27060: Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark… | wazuh-sca |
| c4fb677daa7794c0 | SCA Check 27061: Ensure 'Network security: Configure encryption types allowed for Kerberos' is set to 'AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types'. Policy: CIS Microsoft Windows… | wazuh-sca |
| 3a679ba9f2b99827 | SCA Check 27062: Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 6e632e28a46601d5 | SCA Check 27063: Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0… | wazuh-sca |
| 0616573062573890 | SCA Check 27064: Ensure 'Network security: LDAP client signing requirements' is set to 'Negotiate signing' or higher. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0009',… | wazuh-sca |
| 66b2f15c4285edb9 | SCA Check 27065: Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to 'Require NTLMv2 session security, Require 128-bit encryption'. Policy:… | wazuh-sca |
| 55572d32e6c1bc57 | SCA Check 27066: Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption'. Policy:… | wazuh-sca |
| ed2e7892bbeea9b3 | SCA Check 27067: Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| aeda239ebd10b4aa | SCA Check 27068: Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0005']… | wazuh-sca |
| fa713e8e771ef600 | SCA Check 27069: Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark… | wazuh-sca |
| 85f60230639fbef7 | SCA Check 27070: Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 72506945f0926d3f | SCA Check 27071: Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop'. Policy: CIS Microsoft… | wazuh-sca |
| ea322606e46a411c | SCA Check 27072: Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests'. Policy: CIS Microsoft Windows Server 2022… | wazuh-sca |
| 3c5756109d65d904 | SCA Check 27073: Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 14ba5686f33dd706 | SCA Check 27074: Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark… | wazuh-sca |
| 1ae7a70f5053ce99 | SCA Check 27075: Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics: ['TA0007']… | wazuh-sca |
| facc395d4a8f2694 | SCA Check 27076: Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0 Tactics:… | wazuh-sca |
| 8035af20e8188a04 | SCA Check 27077: Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'. Policy: CIS Microsoft Windows Server 2022 Benchmark v2.0.0… | wazuh-sca |