| 1.1.1.8 Ensure mounting of FAT filesystems is limited - modprobe | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.7 Ensure separate partition exists for /var/tmp | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.12 Ensure separate partition exists for /var/log/audit | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.4.1 Ensure bootloader password is set - password efi user | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.4.1 Ensure bootloader password is set - superusers grub | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.6.2.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0 | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
| 1.6.2.6 Ensure no unconfined daemons exist | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.3.2 Ensure all AppArmor Profiles are enforcing - 0 processes are unconfirmed | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
| 1.7 Log Auditing | Tenable ZTE ROSNG | ZTE_ROSNG | AUDIT AND ACCOUNTABILITY |
| 1.7.6 Ensure GDM automatic mounting of removable media is disabled | CIS Debian Linux 12 v1.1.0 L2 Workstation | Unix | MEDIA PROTECTION |
| 1.12 (L2) Host integrated hardware management controller must deactivate internal networking | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 2.2.6 - AirWatch - Set Maximum Auto-lock | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 4.2.12 minother | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1.2.5 (L2) Ensure the option to remain signed in is hidden | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL |
| 5.1.6 Set 'Display Level 1 attachments' to 'Disabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 (L2) Ensure 'Bluetooth Support Service (bthserv)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.16 (L2) Ensure 'Peer Networking Grouping (p2psvc)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.22 (L2) Ensure 'Remote Desktop Configuration (SessionEnv)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 5.23 (L2) Ensure 'Remote Desktop Services (TermService)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.31 (L2) Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.35 (L2) Ensure 'Windows PushToInstall Service (PushToInstall)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.36 (L2) Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.36 (L2) Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 5.40 (L2) Ensure 'Windows PushToInstall Service (PushToInstall)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.9 (L2) Ensure 'Configure Windows protected print' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 10 Stand-alone v4.0.0 BL | Windows | MEDIA PROTECTION |
| 18.10.3.2 (L2) Ensure 'Turn off Application Footprint' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.3.3 (L2) Ensure 'Turn off Install Tracing' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.11.1 (L2) Ensure 'Allow Use of Camera' is set to 'Disabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.11.1 (L2) Ensure 'Allow Use of Camera' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.1 (L2) Ensure 'Allow UI Automation redirection' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.1 (L2) Ensure 'Allow UI Automation redirection' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.1 (L2) Ensure 'Allow UI Automation redirection' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.87.2 (L2) Ensure 'Turn on PowerShell Transcription' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 81.2 (L2) Ensure 'Bluetooth Support Service (bthserv)' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.23 (L2) Ensure 'Remote Desktop Services (TermService)' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.35 (L2) Ensure 'Windows PushToInstall Service (PushToInstall)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.40 (L2) Ensure 'Windows PushToInstall Service (PushToInstall)' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
