| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 (L1) Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.2.2 Ensure 'Audit: Shut down system immediately if unable to log security audits' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 4.1.1.3 Ensure audit logs are not automatically deleted | CIS Ubuntu Linux 14.04 LTS Server L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.2 Ensure audit logs are not automatically deleted | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.2 Ensure audit logs are not automatically deleted | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.18 Ensure the audit configuration is immutable | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.2 Ensure audit logs are not automatically deleted | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.4 Ensure AUDIT_ADMIN' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.239 - Windows Explorer - Heap Termination | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.246 - Windows Mail - Disable Application | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.2.2.2 Ensure audit logs are not automatically deleted | CIS Debian Linux 12 v1.1.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS AlmaLinux OS 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4.2.2 Ensure audit logs are not automatically deleted | CIS Debian Linux 11 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| Allow Windows Ink Workspace - AllowWindowsInkWorkspace | MSCT Windows Server 2025 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Windows Defender SmartScreen - EnabledV9 | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows Server 2025 MS v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - ShellSmartScreenLevel | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - ShellSmartScreenLevel | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - ShellSmartScreenLevel | MSCT Windows Server 2025 MS v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - ShellSmartScreenLevel | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - ShellSmartScreenLevel | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
| EPAS-00-002300 - The EDB Postgres Advanced Server must, by default, shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000030 The Photon operating system must allow only authorized users to configure the auditd service. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Device Configuration - Browser Autofill | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-CC-000142 - The Windows Explorer Preview pane must be disabled for Windows 2012 | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000142 - The Windows Explorer Preview pane must be disabled for Windows 2012 | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
