System32
Sysmon
Events
Compliance
Validator
TLS/SSL
GeoIP
Tools
Security Technical Implementation Guides (STIGs)
Product
Active Directory Domain Security
(29)
Severity
Medium
(20)
High
(5)
Low
(4)
SRG
SRG-OS-000480
(29)
CCIs
CCI-000366
(29)
STIG IDs
AD.0001
(1)
AD.0002
(1)
AD.0003
(1)
AD.0004
(1)
AD.0005
(1)
AD.0009
(1)
AD.0013
(1)
AD.0015
(1)
AD.0017
(1)
AD.0018
(1)
AD.0151
(1)
AD.0160
(1)
AD.0170
(1)
AD.0180
(1)
AD.0181
(1)
AD.0205
(1)
AD.0240
(1)
AD.0260
(1)
AD.0270
(1)
AD.AU.0001
(1)
AD.AU.0002
(1)
AD.AU.0003
(1)
DS00.0160_AD
(1)
DS00.1120_AD
(1)
DS00.3200_AD
(1)
DS00.3230_AD
(1)
DS00.6120_AD
(1)
DS00.6140_AD
(1)
DS00.7100_AD
(1)
Rule IDs
SV-243466r959010_rule
(1)
SV-243467r959010_rule
(1)
SV-243468r959010_rule
(1)
SV-243469r959010_rule
(1)
SV-243470r959010_rule
(1)
SV-243472r959010_rule
(1)
SV-243473r959010_rule
(1)
SV-243475r959010_rule
(1)
SV-243477r1153405_rule
(1)
SV-243478r959010_rule
(1)
SV-243479r1153403_rule
(1)
SV-243480r959010_rule
(1)
SV-243481r959010_rule
(1)
SV-243482r959010_rule
(1)
SV-243483r959010_rule
(1)
SV-243487r959010_rule
(1)
SV-243488r959010_rule
(1)
SV-243489r959010_rule
(1)
SV-243490r959010_rule
(1)
SV-243491r959010_rule
(1)
SV-243492r959010_rule
(1)
SV-243493r959010_rule
(1)
SV-243494r959010_rule
(1)
SV-243496r959010_rule
(1)
SV-243497r959010_rule
(1)
SV-243499r959010_rule
(1)
SV-243500r959010_rule
(1)
SV-243501r1016334_rule
(1)
SV-269097r1026170_rule
(1)
Tags
AppLocker
All AppLocker events
EventSentry
All EventSentry events
Security
All Windows Security events
stig
All stig events
Vulnerability ID
Severity
Description
V-243466
High
Membership to the Enterprise Admins group must be restricted to accounts used only to manage the ...
V-243467
High
Membership to the Domain Admins group must be restricted to accounts used only to manage the Acti...
V-243468
Medium
Administrators must have separate accounts specifically for managing domain member servers
V-243469
Medium
Administrators must have separate accounts specifically for managing domain workstations
V-243470
High
Delegation of privileged accounts must be prohibited
V-243472
Medium
Separate smart cards must be used for Enterprise Admin (EA) and Domain Admin (DA) accounts from s...
V-243473
Medium
Separate domain accounts must be used to manage public facing servers from any domain accounts us...
V-243475
Medium
Domain controllers must be blocked from Internet access
V-243477
Medium
User accounts with domain level administrative privileges must be members of the Protected Users ...
V-243478
Medium
Domain-joined systems (excluding domain controllers) must not be configured for unconstrained del...
V-243479
Medium
The Directory Service Restore Mode (DSRM) passwords must be changed on each Domain Controller (DC...
V-243480
Medium
The domain functional level must be at a Windows Server version still supported by Microsoft
V-243481
Medium
Access to need-to-know information must be restricted to an authorized community of interest
V-243482
High
Interconnections between DoD directory services of different classification levels must use a cro...
V-243483
High
A controlled interface must have interconnections among DoD information systems operating between...
V-243487
Medium
Membership in the Group Policy Creator Owners and Incoming Forest Trust Builders groups must be l...
V-243488
Low
User accounts with delegated authority must be removed from Windows built-in administrative group...
V-243489
Medium
Read-only Domain Controller (RODC) architecture and configuration must comply with directory serv...
V-243490
Medium
Usage of administrative accounts must be monitored for suspicious and anomalous activity
V-243491
Medium
Systems must be monitored for attempts to use local accounts to log on remotely from other systems
V-243492
Medium
Systems must be monitored for remote desktop logons
V-243493
Medium
Active Directory data must be backed up daily for systems with a Risk Management Framework catego...
V-243494
Low
Each cross-directory authentication configuration must be documented
V-243496
Medium
Accounts from outside directories that are not part of the same organization or are not subject t...
V-243497
Medium
Inter-site replication must be enabled and configured to occur at least daily
V-243499
Low
Active Directory implementation information must be added to the organization contingency plan wh...
V-243500
Medium
Active Directory must be supported by multiple domain controllers where the Risk Management Frame...
V-243501
Low
The impact of CPCON changes on the cross-directory authentication configuration must be considere...
V-269097
Medium
Windows Server domain controllers must have Kerberos logging enabled with servers hosting Active ...