| 1.1.1.8 Ensure mounting of FAT filesystems is limited - vfat fstab | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.9 Ensure add audio watermark is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.2 Disable Unused Connectors | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Disable Unused Connectors | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.17.5 (L1) Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| 2.3.17.5 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.17.6 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.17.7 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.17.7 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.14 Ensure 'sa' Login Account has been renamed | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.14 Ensure the 'sa' Login Account has been renamed | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1 Disable Network Prefetch | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Disable Network Prefetch | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Block Mixed Active Content | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Set OCSP Response Policy | CIS Mozilla Firefox 102 ESR Linux L2 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Set Security TLS Version Maximum | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Set Security TLS Version Minimum | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6 Set SSL Override Behavior | CIS Mozilla Firefox 102 ESR Linux L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Block Pop-up Windows | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.1 Block Pop-up Windows | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2 Disable Closing of Windows via Scripts | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2 Disable Closing of Windows via Scripts | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.4 Disable Form Fill Assistance | CIS Mozilla Firefox 102 ESR Windows L2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.5 Disable Geolocation Serivces | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Disable Sending Data | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.10 Enable Enhanced Tracking Protection | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.3 Disable Encrypted Media Extensions | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.3 Set 'Restrict ActiveX Install' to 'Enabled' - (Reserved) | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.6 Enable Extension Auto Update | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 7.7 Enable Extension Block List | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Block Reported Attack Sites | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.20.1.2 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.2 (L1) Ensure 'Turn off downloading of print drivers over HTTP' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.3.2 (L1) Ensure 'Prevent non-admin users from installing packaged Windows apps' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTOO320 - Check e-mail addresses against addresses of certificates being used must be disallowed. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| O121-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative logon method that does not expose the password. | DISA STIG Oracle 12c v3r4 Linux | Unix | CONFIGURATION MANAGEMENT |
| SQL2-00-015350 - Software, applications, and configuration files that are part of, or related to, the SQL Server 2012 installation must be monitored to discover unauthorized changes. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-010520 - The file integrity tool must be configured to verify Access Control Lists (ACLs). | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
