| 1.2.1 Ensure the container host has been Hardened | CIS Docker v1.7.0 L1 Docker - Linux | Unix | CONFIGURATION MANAGEMENT |
| 2.2.40 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' - Administrators, NT SERVICE\WdiServiceHost | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_FCHROOT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_FCHROOT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PRIOCNTLSYS : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PRIOCNTLSYS : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEGID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETPPRIV : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.4.3 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.11.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL |
| 18.9.11.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, CONTINGENCY PLANNING |
| 18.9.11.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | ACCESS CONTROL, CONTINGENCY PLANNING |
| 18.9.11.3.1 Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.9.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | ACCESS CONTROL |
| 18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| 18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | ACCESS CONTROL |
| 18.10.9.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 BL | Windows | ACCESS CONTROL |
| 18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | ACCESS CONTROL |
| 18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | ACCESS CONTROL |
| 18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.10.1.1 (BL) Ensure 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| 18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker | Windows | ACCESS CONTROL |
| 18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | ACCESS CONTROL |
| 18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.10.3.1 (BL) Ensure 'Allow access to BitLocker-protected removable data drives from earlier versions of Windows' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_L1_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC | Windows | |
| CIS_Microsoft_Intune_for_Windows_10_v4.0.0_L2.audit from CIS Microsoft Intune for Windows 10 Benchmark v4.0.0 | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_10_EMS_Gateway_v3.0.0_L1.audit from CIS Microsoft Windows 10 EMS Gateway Benchmark v3.0.0 | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L1_BL_NG.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L2_BL_NG.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L2_BL.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L2_NG.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 NG | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 BL | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_L2_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_Next_Generation_Windows_Security_-_Member_Server.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 NG MS | Windows | |
| Network security: Allow Local System to use computer identity for NTLM | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
