CIS-CSC User Guide – Lists

Compliance: Network Access Control Systems

List ID: -1001

Object Type: Report

Object ID: 84

Object Name: Compliance: System Critical And Error Conditions

Compliance: Production Servers

List ID: -1003

Object Type: Report

Object ID: 84

Object Name: Compliance: System Critical And Error Conditions

Compliance: Remote Access Systems

List ID: -1004

Object Type: Report

Object ID: 84

Object Name: Compliance: System Critical And Error Conditions

Compliance: Wireless Access Points

List ID: -1005

Object Type: Report

Object ID: 84

Object Name: Compliance: System Critical And Error Conditions

Malicious User Agent Strings

List ID: -2055

Object Type: AIE Rule

Object ID: 1112

Object Name: CSC: External Malicious User-Agent

Suspicious URL Characters

List ID: -2056

Object Type: AIE Rule

Object ID: 1113

Object Name: CSC: External Malicious URL Characters

Privileged Users

List ID: -2091

Object Type: AIE Rule

Object ID: 158

Object Name: CSC: Accounts Deleted by Admin

Privileged Users

List ID: -2091

Object Type: AIE Rule

Object ID: 159

Object Name: CSC: Accounts Disabled by Admin

Privileged Users

List ID: -2091

Object Type: AIE Rule

Object ID: 162

Object Name: CSC: Windows RunAs Privilege Escalation

Privileged Users

List ID: -2091

Object Type: AIE Rule

Object ID: 165

Object Name: CSC: Linux sudo Privilege Escalation

Privileged Groups

List ID: -2092

Object Type: AIE Rule

Object ID: 160

Object Name: CSC: Users Added to Admin Group

Privileged Groups

List ID: -2092

Object Type: AIE Rule

Object ID: 161

Object Name: CSC: Users Removed from Admin Group

Network: Search : HTTP

List ID: -2169

Object Type: AIE Rule

Object ID: 436

Object Name: CSC: Port Misuse: 80

Network: Whitelisted Countries

List ID: -2179

Object Type: AIE Rule

Object ID: 439

Object Name: CSC: Allowed Traffic from Non-Whitelist Country

Network: Blacklisted Countries

List ID: -2180

Object Type: AIE Rule

Object ID: 464

Object Name: CSC: Allowed Traffic from Blacklist Country

Network: Functional : Online Storage

List ID: -2182

Object Type: Investigation

Object ID: 226

Object Name: Online Storage Usage

Network: Allowed Ingress Ports

List ID: -2187

Object Type: AIE Rule

Object ID: 500

Object Name: CSC: Blacklisted Ingress Port Observed

Network: Allowed Egress Ports

List ID: -2188

Object Type: AIE Rule

Object ID: 499

Object Name: CSC: Blacklisted Egress Port Observed

Generic Accounts

List ID: -2189

Object Type: Investigation

Object ID: 218

Object Name: Generic Account Usage

Blacklisted User Agent Strings

List ID: -2194

Object Type: AIE Rule

Object ID: 497

Object Name: CSC: Blacklisted User-Agent String

Network Devices

List ID: -2197

Object Type: AIE Rule

Object ID: 493

Object Name: CSC: Config Change After Attack

Wireless Network IP Range

List ID: -2198

Object Type: AIE Rule

Object ID: 508

Object Name: CSC: New Wireless Host