AC_AZURE_0261 | Ensure public network access is disabled for Azure Data Factory | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0262 | Ensure public network access is disabled for Azure Container Registry | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0263 | Ensure public network access is disabled for Azure Batch Account | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0264 | Ensure log profile is configured to capture all activities for Azure Monitor Log Profile | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0265 | Ensure Secrets are not exposed in customData used in Azure Virtual Machine | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0266 | Ensure managed virtual networks are in use for Azure Synapse Workspace | Azure | Infrastructure Security | LOW |
AC_AZURE_0267 | Ensure that 'Phone number' is set for Azure Security Center Contact | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0268 | Ensure geo-redundant backups are enabled for Azure MySQL Single Server | Azure | Data Protection | HIGH |
AC_AZURE_0269 | Ensure that Accelerated Networking feature is enabled for Azure virtual machines (VMs) | Azure | Compliance Validation | LOW |
AC_AZURE_0270 | Ensure CIFS / SMB (TCP:3020) is not exposed to entire internet for Azure Network Security Rule | Azure | Infrastructure Security | HIGH |
AC_AZURE_0271 | Ensure CIFS / SMB (TCP:3020) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0272 | Ensure CIFS / SMB (TCP:3020) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0273 | Ensure Cassandra (TCP:7001) is not exposed to entire internet for Azure Network Security Rule | Azure | Infrastructure Security | HIGH |
AC_AZURE_0274 | Ensure Cassandra (TCP:7001) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0275 | Ensure Cassandra (TCP:7001) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0276 | Ensure Cassandra OpsCenter (TCP:61621) is not exposed to entire internet for Azure Network Security Rule | Azure | Infrastructure Security | HIGH |
AC_AZURE_0277 | Ensure tags are associated with Azure CosmosDB Account | Azure | Compliance Validation | LOW |
AC_AZURE_0278 | Ensure HTTP is disallowed for Azure CDN Endpoint | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0279 | Ensure notification email setting is enabled for Azure SQL Database Threat Detection Policy | Azure | Logging and Monitoring | LOW |
AC_AZURE_0280 | Ensure accessibility is restricted up to 256 hosts in Azure SQL Firewall Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0281 | Ensure latest version of Azure Kubernetes Cluster is in use | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0282 | Ensure Owner roles are not assigned to any principal using Azure Role Assignment | Azure | Identity and Access Management | HIGH |
AC_AZURE_0283 | Ensure that Activity Log Retention is set 365 days or greater for Azure Monitor Log Profile | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0284 | Ensure that 'Unattached disks' are encrypted with CMK | Azure | Data Protection | MEDIUM |
AC_AZURE_0285 | Ensure that SSH access is restricted from the internet | Azure | Infrastructure Security | HIGH |
AC_AZURE_0286 | Ensure SSH (TCP:22) is not exposed to public for Azure Network Security Rule | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0287 | Ensure SSH (TCP:22) is not exposed to more than 32 private hosts for Azure Network Security Rule | Azure | Infrastructure Security | LOW |
AC_AZURE_0288 | Ensure password authentication is disabled for Azure Linux Virtual Machine | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0289 | Ensure HTTP application routing has been disabled for Azure Kubernetes Cluster | Azure | Infrastructure Security | HIGH |
AC_AZURE_0290 | Ensure that Azure policies add-on are used for Azure Kubernetes Cluster | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0291 | Ensure that logging to Azure Monitoring is configured for Azure Kubernetes Cluster | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0292 | Ensure that public access is disabled in Azure Key Vault | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0293 | Ensure that Web Application Firewall (WAF) is used in 'Detection' or 'Prevention' modes for Azure Front Door | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0294 | Ensure encryption is enabled for Azure Data Lake Store | Azure | Data Protection | MEDIUM |
AC_AZURE_0295 | Ensure that logging for detailed error messages is enabled for Azure App Service | Azure | Logging and Monitoring | LOW |
AC_AZURE_0296 | Ensure that failed request tracing is enabled for Azure App Service | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0297 | Ensure that Azure Files are used for Azure App Service | Azure | Resilience | MEDIUM |
AC_AZURE_0298 | Ensure that Azure Data Explorer uses double encryption in Azure Kusto Cluster | Azure | Data Protection | MEDIUM |
AC_AZURE_0299 | Ensure that Azure Data Explorer uses disk encryption in Azure Kusto Cluster | Azure | Data Protection | MEDIUM |
AC_AZURE_0300 | Ensure virtual network is used to deploy Azure Container Group | Azure | Security Best Practices | MEDIUM |
AC_AZURE_0301 | Ensure that key vault is used to encrypt data for Azure Batch Account | Azure | Data Protection | MEDIUM |
AC_AZURE_0302 | Ensure read, write and delete request logging is enabled for queue service in Azure Storage Account | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0303 | Ensure that authentication feature is enabled for Azure Function App | Azure | Security Best Practices | LOW |
AC_AZURE_0304 | Ensure extensions are not installed on Azure Windows Virtual Machine | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0305 | Ensure public access is disabled for Azure Storage Sync | Azure | Infrastructure Security | HIGH |
AC_AZURE_0306 | Ensures that Active Directory is used for authentication for Azure Service Fabric Cluster | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0307 | Ensure public access is disabled for Azure Search Service | Azure | Infrastructure Security | HIGH |
AC_AZURE_0308 | Ensure public access is disabled for Azure MySQL Single Server | Azure | Infrastructure Security | HIGH |
AC_AZURE_0309 | Ensure default network access rule is set to deny in Azure Storage Account Network Rules | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0310 | Ensure VM extensions are not installed on Linux VM's in Azure Linux Virtual Machine | Azure | Infrastructure Security | MEDIUM |