| 1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | |
| 1.1.10 - MobileIron - Enable 'Airplane Mode' | MobileIron - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 2.3.17.6 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | ACCESS CONTROL |
| 2.3.17.6 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.17.6 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.17.7 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.9 (L2) Ensure VDS health check is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.15 Oracle Installation - 'Separate users for different components of Oracle' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | |
| 4.1.2 Review Emergency Reset | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.2 Review Emergency Reset | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.2 Review Emergency Reset | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.2 Review Emergency Reset | AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.2 Review Emergency Reset | MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.2 Review Emergency Reset | AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 5.2.5 Ensure users must re-authenticate for privilege escalation | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 5.2.5 Ensure users must re-authenticate for privilege escalation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 12.35 Oracle Installation - 'Oracle software owner account name NOT 'oracle'' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - NETLOGON | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | RISK ASSESSMENT |
| 18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | RISK ASSESSMENT |
| 18.5.14.1 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' - SYSVOL | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.20.1.1 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.1 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.1 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.1 Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.4.3 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 49.31 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL |
| 49.31 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | ACCESS CONTROL |
| EPAS-00-004800 - When using command-line tools such as psql, users must use a logon method that does not expose the password. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| O121-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative logon method that does not expose the password. | DISA STIG Oracle 12c v3r4 Windows | Windows | CONFIGURATION MANAGEMENT |
| OL07-00-020030 - The Oracle Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly. | DISA Oracle Linux 7 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SHPT-00-000810 - SharePoint must identify potentially security-relevant error conditions. | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-67-000032 - VAMI configuration files must be protected from unauthorized access - etc | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
