| 1.2.1 Ensure the container host has been Hardened | CIS Docker v1.7.0 L1 Docker - Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.8.7.2.1.3 Ensure 'Word 6.0 Binary Documents and Templates' is set to Enabled (Open/Save blocked, use open policy) | CIS Microsoft Office Word 2013 v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.8 Ensure 'credentials' are not stored in configuration files | CIS IIS 8.0 v1.5.1 Level 2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.8 Ensure 'credentials' are not stored in configuration files - Applications | CIS IIS 7 L2 v1.8.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.8 Ensure 'credentials' are not stored in configuration files - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_FCHROOT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PFEXEC : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETPGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREUID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - Not Logging Only Mode | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : audit-exception-users | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : enable-chap-auth | VMWare vSphere 6.0 Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : set-account-auto-unlock-time | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : set-account-lockout | VMWare vSphere 6.0 Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : TransparentPageSharing-intra-enabled | VMWare vSphere 6.0 Hardening Guide | VMware | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SI-000204 - A public IIS 10.0 website must only accept Secure Socket Layer (SSL) connections when authentication is required. | DISA IIS 10.0 Site v2r11 | Windows | ACCESS CONTROL |
| IIST-SI-000210 - The IIS 10.0 website must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event. | DISA IIS 10.0 Site v2r11 | Windows | AUDIT AND ACCOUNTABILITY |
| IIST-SI-000214 - The IIS 10.0 website must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled. | DISA IIS 10.0 Site v2r11 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000117 - The IIS 10.0 web server must not perform user management for hosted applications. | DISA IIS 10.0 Server v2r10 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000129 - The IIS 10.0 web server must perform RFC 5280-compliant certification path validation. | DISA IIS 10.0 Server v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| IIST-SV-000200 - The IIS 10.0 websites MaxConnections setting must be configured to limit the number of allowed simultaneous session requests. | DISA IIS 10.0 Server v2r10 | Windows | ACCESS CONTROL |
| IISW-SI-000210 - The IIS 8.5 website must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event. | DISA IIS 8.5 Site v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SI-000214 - The IIS 8.5 website must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled - MIME that invoke OS shell programs disabled | DISA IIS 8.5 Site v2r9 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SI-000246 - Cookies exchanged between the IIS 8.5 website and the client must use SSL/TLS, have cookie properties set to prohibit client-side scripts from reading the cookie data and must not be compressed. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000103 - Both the log file and Event Tracing for Windows (ETW) for the IIS 8.5 web server must be enabled. | DISA IIS 8.5 Server v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SV-000117 - The IIS 8.5 web server must not perform user management for hosted applications. | DISA IIS 8.5 Server v2r7 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SV-000129 - The IIS 8.5 web server must perform RFC 5280-compliant certification path validation. | DISA IIS 8.5 Server v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| IISW-SV-000200 - The IIS 8.5 MaxConnections setting must be configured to limit the number of allowed simultaneous session requests. | DISA IIS 8.5 Server v2r7 | Windows | ACCESS CONTROL |
| NIST_macOS_Monterey_800-53r4_high_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | |
| NIST_macOS_Monterey_800-53r4_low_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | |
| NIST_macOS_Monterey_800-53r5_high_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | |
| NIST_macOS_Monterey_cnssi-1253_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | |
| VM : disable-console-copy | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-console-drag-n-drop | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-launchmenu | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-trayicon | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-taskbar | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-unityactive | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disconnect-devices-parallel | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : restrict-host-info | VMWare vSphere 6.0 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : enable-bpdu-filter | VMWare vSphere 6.0 Hardening Guide | VMware | |
| vNetwork : reject-promiscuous-mode - 'portgroup' | VMWare vSphere 6.0 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-promiscuous-mode-dvportgroup | VMWare vSphere 6.0 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
