iCompaas Support
Welcome
Login
Sign up
Home
Solutions
Enter your search term here...
Search
New support ticket
Check ticket status
Solution home
Azure CIS Benchmark Level 1 & Level 2
1. Identity and Access Management
22
Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Privileged Users
Ensure that 'Multi-Factor Auth Status' is 'Enabled' for all Non-Privileged Users
Ensure Guest Users Are Reviewed on a Regular Basis
1.4 Ensure that 'Allow users to remember multi-factor authentication on devices they trust' is 'Disabled
1.5 Ensure that 'Number of methods required to reset' is set to '2'
View all 22
2. Security Center
15
Ensure That Microsoft Defender for Servers Is Set to 'On'
Ensure That Microsoft Defender for App Services Is Set To 'On'
2.3 Ensure that Azure Defender is set to On for Azure SQL database servers
Ensure That Microsoft Defender for SQL Servers on Machines Is Set To 'On' .
Ensure That Microsoft Defender for Storage Is Set To 'On'
View all 15
3. Storage Accounts
9
3.1 Ensure that 'Secure transfer required' is set to 'Enabled'
3.2 Ensure that storage account access keys are periodically regenerated
Ensure Storage Logging is Enabled for Queue Service for 'Read', 'Write', and 'Delete' requests (Automated)
3.4 Ensure that shared access signature tokens expire within an hour
Ensure that 'Public access level' is disabled for storage accounts with blob containers (Automated).
View all 9
4. Database Services
10
4.1.1 Ensure that 'Auditing' is set to 'On'
Ensure that 'Data encryption' is set to 'On' on a SQL Database
Ensure that 'Auditing' Retention is 'greater than 90 days'
Ensure that Advanced Threat Protection (ATP) on a SQL server is set to 'Enabled'
Ensure that Vulnerability Assessment (VA) is enabled on a SQL server by setting a Storage Account
View all 10
5. Logging and Monitoring
8
5.1.1 Ensure that a 'Diagnostics Setting' exists for exporting activity logs
Ensure Diagnostic Setting captures appropriate categories from the control/management plane
5.1.3 Ensure the storage container storing the activity logs is not publicly accessible
Ensure the storage account containing the container with activity logs is encrypted with Customer Managed Key
5.2.2 Ensure that Activity Log Alert exists for Delete Policy Assignment
View all 8
9. AppService
2
9.9 Ensure that 'HTTP Version' is the latest, if used to run the web app
9.10 Ensure FTP deployments are disabled
Help Desk Software
by Freshdesk