| 2.2.5 Ensure 'OS_ROLES' Is Set to 'FALSE' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 2.2.6 Ensure 'REMOTE_LOGIN_PASSWORDFILE' Is Set to 'NONE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 2.2.7 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.36 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.3 Ensure password reuse is limited | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited - password-auth | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited - system-auth | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.1 Ensure password expiration is 365 days or less - login.defs | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is 7 or more - login.defs | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.2 Ensure minimum days between password changes is 7 or more - users | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.3 Ensure password expiration warning days is 7 or more - login.defs | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 6.2.1 Ensure password fields are not empty | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.18 Ensure no duplicate user names exist | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 6.2.19 Ensure no duplicate group names exist | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| Allow log on locally | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Allow log on locally | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on locally | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on locally | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on locally | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on through Remote Desktop Services | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on through Remote Desktop Services | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on through Remote Desktop Services | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on through Remote Desktop Services | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on as a service | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on locally | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on locally | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Domain member: Maximum machine account password age | MSCT Windows 10 1903 v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Ensure minimum days between password changes is 7 or more | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Generate security audits | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Lock pages in memory | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Modify an object label | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Allow Local System to use computer identity for NTLM | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: Force logoff when logon hours expire | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Force logoff when logon hours expire | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Force logoff when logon hours expire | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
