| 1.3 Ensure Password Complexity is set to 3 | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | IDENTIFICATION AND AUTHENTICATION |
| 1.3.1 Ensure 'Minimum Password Complexity' is enabled | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.5 FTP/SFTP Access Authorization | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.8 SSH Strong Algorithm - d) Disable encryption aes192-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Protection Policy for the CPS Control Engine | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.32 Ensure 'Deny log on locally' to include 'Guests' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Audit Dictation | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.18.1 Audit Dictation | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1 Ensure detailed logging is enabled | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 9.1.12 Ensure That 'All users with the following roles' is set to 'Owner' | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | INCIDENT RESPONSE |
| AIOS-02-080004 - Apple iOS must not allow backup to remote systems (iCloud Keychain). | MobileIron - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-03-080102 - Apple iOS must implement the management setting: not allow Exchange messages to be forwarded or moved to other accounts. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-001800 - Apple iOS must not display notifications when the device is locked. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-004300 - Apple iOS must not allow backup to remote systems (iCloud Keychain). | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-004300 - Apple iOS must not allow backup to remote systems (iCloud Keychain). | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-011100 - Apple iOS must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL |
| AIOS-12-011600 - Apple iOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS Mail app. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AIOS-13-004100 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud). | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-004100 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud). | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-010600 - Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-13-010600 - Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-003700 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud). | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-008900 - Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-009800 - Apple iOS/iPadOS 15 must be configured to disable multiuser modes. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-009800 - Apple iOS/iPadOS 15 must be configured to disable multiuser modes. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-012500 - Apple iOS/iPadOS 15 must implement the management setting: disable AirDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-009800 - Apple iOS/iPadOS 16 must be configured to disable multiuser modes. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-010800 - Apple iOS/iPadOS 16 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010800 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-012500 - Apple iOS/iPadOS 17 must implement the management setting: disable AirDrop. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-18-010800 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015000 - Apple iOS/iPadOS 18 must disable app installation from a website. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| APPL-12-000054 - The macOS system must implement approved ciphers within the SSH server configuration to protect the confidentiality of SSH connections. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-12-000055 - The macOS system must implement approved Message Authentication Codes (MACs) within the SSH server configuration. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-12-000057 - The macOS system must implement approved ciphers within the SSH client configuration to protect the confidentiality of SSH connections. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-12-000059 - The macOS system must implement approved Key Exchange Algorithms within the SSH client configuration. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-13-000054 - The macOS system must implement approved ciphers within the SSH server configuration to protect the confidentiality of SSH connections. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-13-000055 - The macOS system must implement approved Message Authentication Codes (MACs) within the SSH server configuration. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-13-000056 - The macOS system must implement approved Key Exchange Algorithms within the SSH server configuration. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CIS Control 12 (12.1) Maintain an Inventory of Network Boundaries | CAS Implementation Group 1 Audit File | Unix | SECURITY ASSESSMENT AND AUTHORIZATION |
| CIS_Microsoft_Exchange_Server_2013_Level_1_Edge_v1.1.0.audit from CIS Microsoft Exchange Server 2013 v1.1.0 Benchmark | CIS Microsoft Exchange Server 2013 Edge v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_Exchange_Server_2013_Level_1_UM_v1.1.0.audit from CIS Microsoft Exchange Server 2013 v1.1.0 Benchmark | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Ubuntu_18.04_LXD_Container_v1.0.0_L1.audit from CIS Ubuntu Linux 18.04 LXD Container Benchmark | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | |
