| 1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 (L1) Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.6 (L1) Ensure 'Store passwords using reversible encryption' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.3 (L1) Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 4.4.5 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4.5 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 17.5.1 (L1) Ensure 'Audit Account Lockout' is set to include 'Failure' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 (L1) Ensure 'Audit Authorization Policy Change' is set to include 'Success' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.3.5 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.3.6 Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.7 Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.6 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.8 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.8 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.8 Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.9 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.9 Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.9 Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.9 Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.59.3.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.60 Ensure 'System files must be monitored for unauthorized changes' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001101 - AIX CDE must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| Authentication with Exchange Server | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JUSX-IP-000027 - The Juniper Networks SRX Series Gateway IDPS must perform real-time monitoring of files from external sources at network entry/exit points. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| PANW-NM-000110 - The Palo Alto Networks security platform must accept and verify Personal Identity Verification (PIV) credentials - PIV credentials | DISA STIG Palo Alto NDM v3r3 | Palo_Alto | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Prevent installation of devices using drivers that match these device setup classes - 1 | MSCT Windows 10 v2004 v1.0.0 | Windows | MEDIA PROTECTION |
| Prevent installation of devices using drivers that match these device setup classes - 1 | MSCT Windows 10 v1507 v1.0.0 | Windows | MEDIA PROTECTION |
| Prevent installation of devices using drivers that match these device setup classes - 1 | MSCT Windows 10 v21H2 v1.0.0 | Windows | MEDIA PROTECTION |
| Prevent installation of devices using drivers that match these device setup classes - DenyDeviceClasses | MSCT Windows 10 v1507 v1.0.0 | Windows | MEDIA PROTECTION |
| Prevent installation of devices using drivers that match these device setup classes - DenyDeviceClasses | MSCT Windows 10 1803 v1.0.0 | Windows | MEDIA PROTECTION |
| Prevent installation of devices using drivers that match these device setup classes - DenyDeviceClassesRetroactive | MSCT Windows 10 1909 v1.0.0 | Windows | MEDIA PROTECTION |
| Prevent installation of devices using drivers that match these device setup classes - Device Installation Restrictions | MSCT Windows 10 1809 v1.0.0 | Windows | MEDIA PROTECTION |
| SQL4-00-031900 - When supporting applications that require security labeling of data, SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in storage. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | ACCESS CONTROL |
| WN16-AC-000090 - Windows Server 2016 reversible password encryption must be disabled. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-00-000110 - Windows Server 2019 must use an anti-virus program. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-AC-000090 - Windows Server 2019 reversible password encryption must be disabled. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-CC-000410 - Windows Server 2019 must prevent Indexing of encrypted files. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000210 - Windows Server 2022 passwords must be configured to expire. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-AC-000090 - Windows Server 2022 reversible password encryption must be disabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-CC-000410 - Windows Server 2022 must prevent Indexing of encrypted files. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
